Report - go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02

Report Overview

Submitted URL
go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02
IP
34.233.9.147
ASN
#14618 AMAZON-AES
Submitted
2024-05-10 06:17:20
Access
public
Website Title
Unlock your favorite content now!
Final URL
flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
82

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
event.secureanalytic.com	30491	2019-05-02	2021-07-14	2024-05-08	529 B	1.6 kB	172.67.204.164
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	446 B	9.4 kB	142.250.74.106
secureanalytic.com	13422	2019-05-02	2015-12-31	2024-05-04	449 B	9.6 kB	188.114.97.1
go.bluelinknow.com	unknown	2021-03-08	2021-07-12	2024-03-18	1.4 kB	1.5 kB	107.23.36.102
flaredownload.com	unknown	2024-01-18	2024-01-19	2024-04-18	34 kB	1.2 MB	172.67.186.1
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	883 B	300 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed
2024-05-09	medium	flaredownload.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	flaredownload.com/assets/hl-edb2da2a.js	1.4 kB	2024-04-18	2024-05-20
Pretty URL flaredownload.com/assets/hl-edb2da2a.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:43 Last Seen2024-05-20 15:31:33 Times Seen176 Hash 0fb9d8a5fba7f6a569da52896f965ea3 6e57202028341c2674083acf9e428817c6725c6c 30137b4b0317a40d0c195fff2b2cd054bb39adf2fb94d357f269cb36e3c11581 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 16:05:38 Times Seen350719 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	flaredownload.com/assets/hl-ca68ddb2.js	5.1 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-ca68ddb2.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen19 Hash e0b467d48e3bf86c07aa3095520e3c60 b70a69375b927464b619a61e95a03430b1d1ef36 06e1b571b8ea2b758f4bd81f25188eaecbdda1029501a978f3930152d21717c4 Loading...

	flaredownload.com/assets/hl-de833af9.js	690 B	2023-11-04	2024-05-20
Pretty URL flaredownload.com/assets/hl-de833af9.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-04 19:20:12 Last Seen2024-05-20 15:31:33 Times Seen189 Hash 07f4201d4f772dc3825f3399bb217552 e70c0af48037b02ab9ea515952b889f9eb7bcdb1 5103bcdb5637c56d4a70564479cef8e07ec2d3f00620b428cdb36c28c430d906 Loading...

	flaredownload.com/assets/hl-174bb060.js	915 B	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-174bb060.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen17 Hash ce9f015c5392d10d2d7a8b47f6822242 e130d81382e2aaadc45dad4abca7e655bd50256e 38e1364f58042850a7ed41e380f1da1365d88fb19fca72b6d714fc7926efd7ee Loading...

	flaredownload.com/assets/hl-6ba4f92f.js	1.3 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-6ba4f92f.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 08:17:21 Times Seen7 Hash 11f9926c0e5d7529a5a24f9b2cea59e3 48dd9daa4c82ca9c4ad902ddca2935925d7e10d9 884567ca50d93d4979e20ce365653120cdefcf2ea607b1b75559b48577a82a90 Loading...

	flaredownload.com/en_us/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL flaredownload.com/en_us/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 16:05:38 Times Seen351234 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	flaredownload.com/assets/hl-cb9a6390.js	1.9 kB	2024-05-09	2024-05-10
Pretty URL flaredownload.com/assets/hl-cb9a6390.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-09 08:53:09 Last Seen2024-05-10 09:23:08 Times Seen6 Hash c11465a4b9785bc4e718152e2b2cd0b0 08fce87403ceeba09ba82d377f0e66edd99cec25 810fdaacd8577bdf84ea6e40598e2a69557e78f1642d616b82a0323229dde3b0 Loading...

	flaredownload.com/assets/hl-3f88d0c7.js	426 B	2024-05-09	2024-05-10
Pretty URL flaredownload.com/assets/hl-3f88d0c7.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-09 08:53:09 Last Seen2024-05-10 09:23:08 Times Seen6 Hash dbb4eb62b9cdc13b69496fae9e5c3c49 fd380eb7447f24b19523d9b21906909fa866c530 733eec8237a8bad659f2d122e4b9da423d2805b24365825eda7a7e2a734c7d0b Loading...

	flaredownload.com/assets/hl-1d2dcd13.js	2.8 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-1d2dcd13.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:08:34 Last Seen2024-05-10 09:23:08 Times Seen16 Hash fde45abc6a6bb5d05caae33f6f5e1fd6 40bbf887a3ac624c4f0f59f77a95323b396ac50a 1c0416b4d6eeb452dac84a3f093336d5f6309c33cd23092f5643cd7ac22d4872 Loading...

	flaredownload.com/assets/hl-ac0f3d90.js	268 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-ac0f3d90.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:08:34 Last Seen2024-05-10 09:23:08 Times Seen29 Hash 144400b2159179d446f86490a79c7be9 a756e385940bb142be7c6d54ac37565dd245d82a 46a6e9359ddb1f887d8c865e0caf2037c83aec329aeca13d504aeb81e17d49e6 Loading...

	flaredownload.com/assets/hl-10816a60.js	1.4 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-10816a60.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen16 Hash 82447af11a6cc28997cb6718e7bed942 b9372d51e62ad1453e46426c333a484a9f8b729f da5e970a76a908a1bf26f956e854adc09c3a7b20c60d7e97275f6d3014c8c023 Loading...

	flaredownload.com/assets/hl-8521ea14.js	3.2 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-8521ea14.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen14 Hash b19166f011b811f0545dd319e223139f 5702c263de7255960026cc60fb8070ade825efc8 f8e13134e874ec1258918e31b14ce2015fbbe117822902a546d026d9d4679907 Loading...

	flaredownload.com/assets/hl-0a51a8ee.js	418 B	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-0a51a8ee.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen18 Hash a9059598c68fa422e736795b4a8fe6be 32907bd711b42f18c0792ca8d4eaeb7f1a6ee51f 70018ec9ec28a9001d60b38cdfaa94dfb0f69f1990d83ce6e248df41606024b4 Loading...

	flaredownload.com/assets/hl-9e26154a.js	1.3 kB	2024-05-09	2024-05-10
Pretty URL flaredownload.com/assets/hl-9e26154a.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 08:53:09 Last Seen2024-05-10 09:23:08 Times Seen6 Hash 25e3ab9c1222a26da5055d926d8b69fe 936335e92210e385223a8d59231fd849bef34c3c 93986b3ba8e7715488c0c51afe463eb494433cf543729d329a7b05cc38a629f8 Loading...

	flaredownload.com/assets/hl-be61e397.js	780 B	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-be61e397.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 08:17:21 Times Seen11 Hash bfa9cb2394b197ac7142712649a4e204 211a5a893b499a01ca584cc4e5ba6757046e963a 563c18159bfd480bd4501243a05bc0bb7de0faef6222174bc59401110ab9a856 Loading...

	flaredownload.com/assets/hl-3bcd5885.js	616 B	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-3bcd5885.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen15 Hash 91f13034f53da0ac54e4b46fba314d39 cdbad13d71a203f387a5e4f463efde8b8bce07a5 3893253c45fcd3d259dfded23a81852bc8adac040cd6e4478649510e09cff1a8 Loading...

	unknown	162 B	2024-04-06	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 17:32:25 Last Seen2024-05-19 11:40:14 Times Seen27 Hash e193bf714b31c897879cd92880a395e0 723115770c90558282dee4dbcfde3175c2a30a1f e0ab77eab014566a6194727273a32d9d4586baf3ab126564e0d30ed4a8c53db3 Loading...

	flaredownload.com/assets/hl-e2569f25.js	5.0 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-e2569f25.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen15 Hash 62f7b5943cadd0ff69005e709ff9f991 cc981680bdb61f0873d91f269cebae11d0313c5b 2ed09085a6412312c65ce9a455f47e4ff786d31b9d13acb553e829dfa9a12c61 Loading...

	flaredownload.com/assets/hl-20774a98.js	385 B	2024-05-09	2024-05-10
Pretty URL flaredownload.com/assets/hl-20774a98.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 08:53:09 Last Seen2024-05-10 09:23:08 Times Seen7 Hash 1cef0c8f233d1740eacb3bee353af571 201ebb0db776acb401d45ad41c3227e562ca36cd c5fd0224271b9580a9f918940b57baeb737be74140a3b2fbd351897fb869be73 Loading...

	flaredownload.com/assets/hl-35a77ba0.js	72 kB	2024-04-18	2024-05-20
Pretty URL flaredownload.com/assets/hl-35a77ba0.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:42 Last Seen2024-05-20 15:31:33 Times Seen189 Hash f87da472e47dc575b6cb8dc377d18916 bff262654ae71f3be0a658cfbe5a53c787c05d55 5c38207c92f3650eaef6616521c8b1e0a03ceb384030f1c2b67cb75e25925ca8 Loading...

	secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com	8.1 kB	2024-05-02	2024-05-20
Pretty URL secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:53:13 Last Seen2024-05-20 15:31:33 Times Seen84 Hash f0fab3cc04750bba62119045aad0cca4 c4bac1f34757d7d9553b0f9d23b1d419e908e62e 4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6 Loading...

	www.googletagmanager.com/gtag/js?id=UA-195162716-6	208 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-195162716-6 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:17:21 Last Seen2024-05-10 08:17:22 Times Seen2 Hash 445655bc19b4ef472e98fb9be5ff0ac5 ac8ce05e66d96f896da9c3944e0719a7e076000f d2c8da528bee32c81104260b0d04bcfbdc427cb8b6b9b5f0787dd282e0b071f7 Loading...

	www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c	257 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:17:21 Last Seen2024-05-10 08:17:21 Times Seen2 Hash 4d6b2612806ac303cd31a6096145bed8 d52e437b47d2484e9a25bed2a4b3b8c8bba0b333 f11315bce480a23c4785d6d03ddff8cdcb4087ef11b37c8a0c8419b27d9b4c06 Loading...

	flaredownload.com/assets/hl-e8f6c714.js	561 B	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-e8f6c714.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-08 16:08:34 Last Seen2024-05-10 09:23:08 Times Seen19 Hash 08609a6fe6041939e6a3c8c2b08d6cb7 c0798b503bfdf44e70131f4b7b625a7c3ed37087 2d883c786dda057a8e7cd9d10323177d3ff709cd9e179800ecb7c84ef546dc93 Loading...

	flaredownload.com/assets/hl-f1b986bc.js	1.9 kB	2024-05-08	2024-05-10
Pretty URL flaredownload.com/assets/hl-f1b986bc.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-08 16:08:35 Last Seen2024-05-10 09:23:08 Times Seen16 Hash 2513dcb5ea3631b78496d56a1c8d7e9b c27b476069f6e67d22486fc20bd0f9fe841525d9 50ccfdf72d808f79166a95f190508636d3f5846abd39deb2ef6f05143421b2ee Loading...

HTTP Transactions (48)

URL IP Response Size

go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02

107.23.36.102

302 Found

0 B

URL User Request GET HTTP/2
go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02
IP
107.23.36.102:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.redlinknow.com
Fingerprint79:82:ED:1B:55:67:44:54:B9:21:32:61:9D:61:C9:1A:2F:AF:97:76
ValiditySun, 17 Dec 2023 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/clk?id=6XHa797TmwfYQRhr&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02 HTTP/1.1
Host: go.bluelinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 06:16:54 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://go.bluelinknow.com/t/clk?id=l7HRkLkUB4HXBdC0&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: ydt_a31a0322edef4efaa328c3e667d70925="[]:1s5JYs:JzzWc4jBQoqFTQbsbbq-Wf1_bvU"; expires=Sun, 09 Jun 2024 08:16:54 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

go.bluelinknow.com/t/clk?id=l7HRkLkUB4HXBdC0&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02

107.23.36.102

302 Found

0 B

URL User Request GET HTTP/2
go.bluelinknow.com/t/clk?id=l7HRkLkUB4HXBdC0&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02
IP
107.23.36.102:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.redlinknow.com
Fingerprint79:82:ED:1B:55:67:44:54:B9:21:32:61:9D:61:C9:1A:2F:AF:97:76
ValiditySun, 17 Dec 2023 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/clk?id=l7HRkLkUB4HXBdC0&s1=663dbbbb7dedf40001036c94&s2=3099d1f0&s8=guide-du-routard-maroc-2023-24.pdf&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02 HTTP/1.1
Host: go.bluelinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ydt_a31a0322edef4efaa328c3e667d70925="[]:1s5JYs:JzzWc4jBQoqFTQbsbbq-Wf1_bvU"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Fri, 10 May 2024 06:16:54 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: uip="[\"JgcoFhi\"\054 {\"Bl60\": \"DoW0Jw8\"}]:1s5JYs:ZyMsD43cGm2Z_w-ohY4qnxg49eE"; expires=Sun, 09 Jun 2024 06:16:54 GMT; Max-Age=2592000; Path=/
ydt_a31a0322edef4efaa328c3e667d70925="[\"f1d1b3bf-3747-41d2-bc77-46f997fc1325\"]:1s5JYs:jd2WCJ8qtPxEmAjsbrSQadPgaBQ"; expires=Sun, 09 Jun 2024 08:16:54 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-0a51a8ee.js

172.67.186.1

200 OK

2.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-0a51a8ee.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (8560)
Size
2.8 kB (2806 bytes)
Hash
9bc2170b25a8e27d799fddb9eb4ab79c
38f418f902e83ac8a0a03013c6400c3256529bb9
405f50fb5f87b573156664c6d76b16803b6367973f48fdd41ec91ddd71a4604a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-0a51a8ee.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"663b4ae5-1a3"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORmQ%2FOKu5fMezXrqjI6%2BLBaLqUmOshA7eLqzyN4Ef2Lr7ukQdhe94IYVC91veq6RmeC9Jv6qpjOXP1SLyKWWhsjUJwWla%2FQ6MaIKCqjxFe3mh0eT%2FoZsdlsILLUfECPV6Ozy%2FOzkLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda619a4b51e-OSL

flaredownload.com/visit/get-data?landingId=7748&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=

172.67.186.1

200 OK

30 kB

URL GET HTTP/3
flaredownload.com/visit/get-data?landingId=7748&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JSON text data
Size
30 kB (29625 bytes)
Hash
314611d19df56c1372e1a622d0045af0
fd695080ac65aa5efdfc24dbf6b3a49535f3baab
f9dbb26436b26ff3055302dccb94fefa6b749de45651557529f06d992c1592bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /visit/get-data?landingId=7748&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: ffd824dbd082477e96fc4dacc530e81c-83d5cc7f119c46e2-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=ffd824dbd082477e96fc4dacc530e81c,sentry-sample_rate=0.1,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:55 GMT
content-type: application/json; charset=UTF-8
set-cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSa1p08pKH9WUdaW56rqDaWlaqs0%2BJb5BORwvri8U8MMW3WVkfGgkd%2BKh9CLEeYFLwSrqS%2BqwXhhdFVjs9PY7wh%2FeEmzmRhPIJfWBDX4TuhoveOqtlC5956LoeyoVxaN9do6mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817cda4afa5b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-de833af9.js

172.67.186.1

200 OK

75 kB

URL GET HTTP/3
flaredownload.com/assets/hl-de833af9.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
75 kB (75253 bytes)
Hash
215f2df636deed20a684bb33e4383746
42b312c42ef6da316c801cf70fa5dde722dec824
c7fcb7b0bfe324aee9f540b7373ef3fb9c2995ade4fbcf6abbd7add56ce99a1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-6ba4f92f.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"663b4ae5-2b3"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXG9xPe%2FaK7QB6QyHLtkhD5qE2L%2BbxQDHkhg3k1Mqw%2Bx7yVF20XWFdM2205dMgfdxRWyy2XHbnhAdL3tC%2Bl%2FND7QJsHw2mQnlkQ%2FkgKrHLAkn8teUwq0cM5app6tXMjfocgYDYKLEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda6ba39b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/favicon.ico

172.67.186.1

200 OK

2.5 kB

URL GET HTTP/3
flaredownload.com/favicon.ico
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
2.5 kB (2457 bytes)
Hash
1ba2ae710d927f13d483fd5d1e548c9b
c0605efed936ee2600284e6480521d06fa64f872
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:55 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 08:04:59 GMT
etag: W/"65016d2b-10be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kAYCsTvrw%2FRvctdmyEzsg0nESpF%2FC6kf7Lti%2FBiCTmkK4JNxFdejOb9eouCoLx8fAMbaaI%2Bij3hCBMMhssJRZdU1Ncy80g6LakcRtQUvcajLSvXIdeHyBw2%2Fu20zl80%2BT1wCiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817cda558adb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-6ba4f92f.js

172.67.186.1

200 OK

95 kB

URL GET HTTP/3
flaredownload.com/assets/hl-6ba4f92f.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
95 kB (95237 bytes)
Hash
9a8493d128373afa344746a77c9c2218
29266cbb7b5800fae3216bd10017a8dfba5ebf9a
01ff428ead05df5be0ebfb64e01991d10849aaedd1390d6398079ec4687d970d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-6ba4f92f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1286
access-control-allow-origin: *
etag: W/"663b4ae5-506"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lo1fv%2F%2B2F90EDHdUzdXYxdsUbTQx8dbJwj4CkSEUm2OwttCqVnNTLPwppSXhn6JHzPjABTXcy2TLF42OLxU%2FAvJ6VP6SngSN4iHlKwKBio8eL1Tly7h60qSrkRUsidfj1FxRCY%2Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda629afb51e-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
90 kB (90529 bytes)
Hash
4d6b2612806ac303cd31a6096145bed8
d52e437b47d2484e9a25bed2a4b3b8c8bba0b333
f11315bce480a23c4785d6d03ddff8cdcb4087ef11b37c8a0c8419b27d9b4c06

HTTP Headers

GET /gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 06:16:56 GMT
expires: Fri, 10 May 2024 06:16:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

event.secureanalytic.com/register/event_log/v9e179lqez

172.67.204.164

200 OK

0 B

URL POST HTTP/2
event.secureanalytic.com/register/event_log/v9e179lqez
IP
172.67.204.164:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/
Content-type: application/json
Content-Length: 114
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params: 
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kz0UAbjS2XFNmYrcxhKElhYferBinBal9lcpaGfVsw0CB%2B97J1kpiIBTKV0ZTlbycHVODi5UhwX1cwICbZY%2B68cYVeT5iKYIHm%2FYsfhFdM01bnmZ7uZDIs3Cn3d2LEhKl6QGNOAcgik1628%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817cda8ff1a0b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-9e26154a.js

172.67.186.1

200 OK

11 kB

URL GET HTTP/3
flaredownload.com/assets/hl-9e26154a.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
11 kB (10905 bytes)
Hash
f0df94013cc66160ebdf0aa57fe8b2c8
e2a6388db326be9b653e2edf5c795b363abfe677
48fca70189f04fd18407108a390968dc525a49dffa6d011a6da3e12cc9e970d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-9e26154a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-ca68ddb2.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1339
access-control-allow-origin: *
etag: W/"663b4ae5-53b"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2wuD5BjXEF0QuJSbkOVeok5p2R19ncvdcFQZG2BAVwsVR1YHeJGplD0SKW4dBG3LOjPWUHHWlFVGZs9d9jtVdK3iYCz5uWQTmBgRYXQzWhHtBhdpRaEbVaUknaI6a9MRbjyavXyZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda91d13b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-20774a98.js

172.67.186.1

200 OK

743 B

URL GET HTTP/3
flaredownload.com/assets/hl-20774a98.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
743 B (743 bytes)
Hash
9d250613c5593bf6893f005fa8d79e5c
cf57fbf87d386203d7698dacd4cce2f78ebfe079
1f4cc6cfeaf90473ecc1358a634ea27c8877127e3c1322b579e05a4beb3a6fd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-20774a98.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=386
access-control-allow-origin: *
etag: W/"663b4ae5-182"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ee72%2FOu8xGNzOzBAJmfGWRe1nCsQogKXmdA5EhAdR7psEzGrTMa2KMPXaKw5hgBgH2vNWBHQ0k7XaCYhI%2FSGLKizsnwFRso7Fsw2EPaA2iTpRuVhy0H0ltIt5PTL%2FO%2FzQMRoiHFn2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda97d8ab51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png

172.67.186.1

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Size
3.2 kB (3235 bytes)
Hash
18e8c55ad549933e62ee40b8c7adbdd0
f7bc824a4c70a4babc07b21fcbd413885128e92e
69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: image/png
content-length: 3235
last-modified: Mon, 24 Apr 2023 09:10:42 GMT
etag: "64464792-ca3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtW6i1x0eJ6HoreNg7BTITNxk4QdaJFVOgdNKHSWjCrSswvyrssE4H2S4LWrnxOcT0YMNZHDU6MkgUvrdh%2BlpJYW7U2Gp75nqJ9msZ8gZkLoa12Kbeb5LQfBP9mWKmIiWR9xJJa9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
accept-ranges: bytes
server: cloudflare
cf-ray: 8817cdaaef36b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png

172.67.186.1

200 OK

971 B

URL GET HTTP/3
flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 111 x 75, 8-bit colormap, non-interlaced
Size
971 B (971 bytes)
Hash
2f40fa92fce11c340f70807da03ac0b2
89ef777357b185dee8937a3da0983f39f156fb10
44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/2f40fa92fce11c340f70807da03ac0b2.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: image/png
content-length: 971
last-modified: Thu, 13 Jan 2022 13:22:43 GMT
etag: "61e027a3-3cb"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVXxjRq8LSvj%2FF7sV13cmWWG3O9kt24btWiolaNMOdRIUSYroyhYXzM4mALPZ2Cy3EsZzRBe9M8ISz0xZRUm%2F7EbGQTQTE%2FAIJA58sTZ2KOg5jZPXuMLvUJUOf%2BT4XcQJnMceMKUNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
accept-ranges: bytes
server: cloudflare
cf-ray: 8817cdaaef37b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-10816a60.js

172.67.186.1

200 OK

7.0 kB

URL GET HTTP/3
flaredownload.com/assets/hl-10816a60.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
7.0 kB (7012 bytes)
Hash
e0099a72ade929308102a608b7f79ab5
382459c27a442e20c4dda8f59bd78c10c9acc445
b56ac699e2d22e9bdc56f3fc3a922348784fbe957db4f7f2c96aafb33ba73e5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-10816a60.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1364
access-control-allow-origin: *
etag: W/"663b4ae5-554"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5tA1phAbXndpch9mnQh66hiC%2FWvYzfwIHCuAlqS26%2FH0Nvr16GXr9VFGj1R4RGGWXV1xtJJCqGyzltGqf5N0id6AW%2BgHqjFgsKX7IO5wE8CqnrZu5sqXyXi%2FVOPC2Q4ns382sC1NxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda98da2b51e-OSL

flaredownload.com/assets/hl-3f88d0c7.js

172.67.186.1

200 OK

8.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-3f88d0c7.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
8.1 kB (8128 bytes)
Hash
abf07c382f5f3d813ea4b5fe6816d828
dab516a658887f9435593ba1b8598a57e5124326
84ee140c652f0baa62e9e9f67955317cbf0a090eed580a08350f12bdc2695bb9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-3f88d0c7.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-20774a98.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"663b4ae5-1ab"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zg6RxL1vEYIz29MTaYL1bLuTiOW8t4eNyU77JbKDX63auF8RtqMKGWOLhRXLBMBhW7cBnaVefY4NpjSCexlCLVtCN8z9S8BjlUGLg9g5LklW7YlFlqPPZS6GBoRU3xbPiQfFzFcTtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdaa0e66b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-174bb060.js

172.67.186.1

200 OK

13 kB

URL GET HTTP/3
flaredownload.com/assets/hl-174bb060.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
13 kB (13196 bytes)
Hash
ecd6afadaa4fa96f706ad686aae415ed
6bacd83599b2d8b49968793821d45591db7f2f73
a252a297eaef42626b57b8eb6101031cec924fb97b7ea452a342bd4c530bf8ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-174bb060.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"663b4ae5-394"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBF41In3%2FakrGcl1umG1XKIHXKYk9Ny2Cb9h3JMyU9HPtVo4ueyra2B6p8JB%2FPPt36q%2FTyf%2BG1xszRnuTlcKU1qv0SPFXBVq6Ukg2IQBhmu6bqWVTLQe57nuZZc31%2FNt2tN0kIVVmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda97d90b51e-OSL

flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png

172.67.186.1

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Size
3.2 kB (3235 bytes)
Hash
18e8c55ad549933e62ee40b8c7adbdd0
f7bc824a4c70a4babc07b21fcbd413885128e92e
69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: image/png
content-length: 3235
last-modified: Mon, 24 Apr 2023 09:10:42 GMT
etag: "64464792-ca3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtW6i1x0eJ6HoreNg7BTITNxk4QdaJFVOgdNKHSWjCrSswvyrssE4H2S4LWrnxOcT0YMNZHDU6MkgUvrdh%2BlpJYW7U2Gp75nqJ9msZ8gZkLoa12Kbeb5LQfBP9mWKmIiWR9xJJa9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
accept-ranges: bytes
server: cloudflare
cf-ray: 8817cdab5fc8b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png

172.67.186.1

200 OK

971 B

URL GET HTTP/3
flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 111 x 75, 8-bit colormap, non-interlaced
Size
971 B (971 bytes)
Hash
2f40fa92fce11c340f70807da03ac0b2
89ef777357b185dee8937a3da0983f39f156fb10
44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/2f40fa92fce11c340f70807da03ac0b2.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: image/png
content-length: 971
last-modified: Thu, 13 Jan 2022 13:22:43 GMT
etag: "61e027a3-3cb"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVXxjRq8LSvj%2FF7sV13cmWWG3O9kt24btWiolaNMOdRIUSYroyhYXzM4mALPZ2Cy3EsZzRBe9M8ISz0xZRUm%2F7EbGQTQTE%2FAIJA58sTZ2KOg5jZPXuMLvUJUOf%2BT4XcQJnMceMKUNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
accept-ranges: bytes
server: cloudflare
cf-ray: 8817cdab5fccb51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-b93b9165.woff2

172.67.186.1

200 OK

8.0 kB

URL GET HTTP/3
flaredownload.com/assets/hl-b93b9165.woff2
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7988, version 1.0
Size
8.0 kB (7988 bytes)
Hash
087457026965f98466618a478c4b1b07
00b024ccb35e3694de662d180d6ea7f56de6d654
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-b93b9165.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/octet-stream
content-length: 7988
last-modified: Wed, 08 May 2024 09:50:29 GMT
etag: "663b4ae5-1f34"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FIErYmznj2Wmn5R8iqI%2BHVAx0O%2B8pvmNUITGykpDBTIeV1mptPNCxSlx7v8RFRnQvEThAfw6UAMU2EuS6e02m2cmVCbEFu%2FVxOTmDFsGtIZWvHGJ43q7%2BoV5FkX5uSRoE%2B0NQtDug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
accept-ranges: bytes
server: cloudflare
cf-ray: 8817cdab8817b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-41e46faf.woff2

172.67.186.1

200 OK

7.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-41e46faf.woff2
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0
Size
7.9 kB (7900 bytes)
Hash
9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-41e46faf.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/octet-stream
content-length: 7900
last-modified: Wed, 08 May 2024 09:50:29 GMT
etag: "663b4ae5-1edc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyOTn%2F10%2B9wD1ve3b4rPWB7sAgnFfniUgQZEY6ej57m4Yba7fqEu9FjjF8PAwQ25XwEYpESpQpCyN7Dy9OYGWtpfCLDl2uijEcdN5hcMEsEBJ%2Bb44kPL7wWOMGrYiu1bJ7rn0xc4uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
accept-ranges: bytes
server: cloudflare
cf-ray: 8817cdab9820b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/lead/prefill

172.67.186.1

200 OK

15 kB

URL POST HTTP/3
flaredownload.com/lead/prefill
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JSON text data
Size
15 kB (15278 bytes)
Hash
469b4dc67eee4f13496c7ba2715efb9f
96bd09b7e53a9fea666b2e54004cf249d4bd4e17
58a8c78e450324ab7e738926547a4fefe1a2d59801c07d7c96ba6e48c53d248b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /lead/prefill HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
sentry-trace: ffd824dbd082477e96fc4dacc530e81c-b15e5cb784e7a2d8-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=ffd824dbd082477e96fc4dacc530e81c
Content-Length: 56
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yk6tisSMgguS1PZvLSV6zSPbSnZVSaSqXNT8OWnWPFPjIWGcdm51zKJe%2Fp08hhx2Lh8OFpwwBXcrGU%2F8GIlfFsn3M5F6izZmJp7mDnepsxsXYNoakGfJBG2h1y6OrZjW8NQiSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817cdab2f83b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-f1b986bc.js

172.67.186.1

200 OK

9.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-f1b986bc.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
9.8 kB (9835 bytes)
Hash
45843bedf855f725047e731390806c9c
98ed6278b390ec7ddd7e8fb2c7052acfe3213879
314ec303b8e8958a794e8cf1a13d92cb47db4c6b1a2a132006da0184feebae2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-f1b986bc.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"663b4ae5-783"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRjNQvRafvnne2c6EeJ%2FxLC1xDOkya78UGqXNRkmUrgsoHYOiRApU33Oy64WddjlTVnC0J%2F11BFbHd5IG%2Bh9lILJso13yZUPkAYLo3Tdu2gJ%2BwxwsOmb4GBOszpBvAZOg%2FB9Kfo7Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdab4fa9b51e-OSL

flaredownload.com/assets/hl-e2569f25.js

172.67.186.1

200 OK

8.6 kB

URL GET HTTP/3
flaredownload.com/assets/hl-e2569f25.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
8.6 kB (8647 bytes)
Hash
100f024771886601285349ad057ae1b6
8fd50e8ffa18cd104893cee0051655861ad7c08b
b34590e4208e93a2fca4e2fc15c10ecd29e395260c4e92b4c1ab3e19ee5d541d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-e2569f25.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5041
access-control-allow-origin: *
etag: W/"663b4ae5-13b1"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QY3TETq4BhCeWnrzRkysu25rOCUpPEwXbGY0aOs2sdFCdyKIR4Y06fUu5fVW1vduRmEvUfj8nXtro9xTphVVYkddYQ3eW8pMj7mGhwicF810JEDMYmWCKQgSresWzISJA1vG6r%2FyUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda98d9fb51e-OSL

flaredownload.com/assets/hl-1d2dcd13.js

172.67.186.1

200 OK

9.6 kB

URL GET HTTP/3
flaredownload.com/assets/hl-1d2dcd13.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
9.6 kB (9647 bytes)
Hash
c70c49cf00635c0b812d026f0793fa94
9d3bd6991741d2e3867174af2ac15055896e027e
c89bcd6972a01540d38ec9da4b66f74e29801e2777ab4a7588098e68bf71ee8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-1d2dcd13.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"663b4ae5-b1a"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3rr2N%2BGITRNMmgJTrfCtzIwuVsszitI8U4R43Tbk50uEXl%2FrgXsKVDM304DdXaL%2BzRALTF2OJwvyLSgWHn%2F%2BSU2d1P7oQKoRGENerDKh7k8ipf1XXnICUFp5XktDWt%2BL3pC%2FTkBRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdab4fa3b51e-OSL

flaredownload.com/assets/hl-e8f6c714.js

172.67.186.1

200 OK

561 B

URL GET HTTP/3
flaredownload.com/assets/hl-e8f6c714.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (583), with no line terminators
Size
561 B (561 bytes)
Hash
4dae65fd7c12b1047898c3bc2e480703
49d61cd294e25f3dc0aeaf08a275bd144f7ad31a
cd969cb86a11edc3cd4341030cb195ea31112697eac9127b4c828bff263c1ee3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-e8f6c714.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"663b4ae5-232"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgdB98wf5PM%2FqlKdyFSrcNLMVqHvkmpmJZnSr5geeRn%2B1mRsr4hg%2F18TYx%2F7HVXCRFOw88osQSWffE7comM5jcHxls86uc6URuEvsr%2BfxlePA0X6VOlhbr%2Fxmtgf4jN72270eBjxMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda97d8eb51e-OSL

flaredownload.com/assets/hl-d98910d4.css

172.67.186.1

200 OK

78 kB

URL GET HTTP/3
flaredownload.com/assets/hl-d98910d4.css
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (65329)
Size
78 kB (77513 bytes)
Hash
a1713c7a8fb53e78bbd5a1c76068791d
c15ca4f1e62bde996f9c72fb4a3e3f584b966741
cd7e4b31039bf939306ab3d38291f59e92069a24744e4b359b557aba0eb5b219

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-d98910d4.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=77791
access-control-allow-origin: *
etag: W/"663b4ae5-12fdf"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOn7YO4Okl%2FLx03mPgNlhJCA3i3DwNecMNrDESJ3rlOBDDDspAVPSDZRFKEpAZt%2FU789HIoXmwVe5iDREuriidscD3PkX72ZANIZ3ng57kbwMpsx5f7ZULk1Bl6Q306tHpthxqmgYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda74ae0b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=

172.67.186.1

200 OK

417 B

URL User Request GET HTTP/2
flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
HTML document, ASCII text, with very long lines (456), with no line terminators
Size
417 B (417 bytes)
Hash
01e6ef88274ac477c37fd233375ae2cc
d20657936e7a7fb42fa28e667b77c868c1c0713a
84dad8fa7d46f36052654558f0fdafb5f219df5851593db6b0ca63d506e8e5f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:16:55 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BNHZ1Jojy2wOvXSYAm0W1SktbIxj06AwYvzJpEypx7ICrzAXnyWw9h5ux6LAgLYVFwg9HPwPpF%2B7srGvcBSc4WB%2BzkhG2D9WhwP008YjgWozOPAfF5mT3odihbEQcmndQMvvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817cda00ebc56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-ca68ddb2.js

172.67.186.1

200 OK

5.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-ca68ddb2.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5349), with no line terminators
Size
5.1 kB (5057 bytes)
Hash
20251415039fc8647b996c6077080eb9
0d67038d9449aa3bae7223f07044582331314436
5d77c91ed616d6e9acc516c87d865e5f6f6a566e215af4771110261f5b8dfef5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-ca68ddb2.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-ac0f3d90.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5058
access-control-allow-origin: *
etag: W/"663b4ae5-13c2"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UetglSBUEeVzV1EQ6IUVcDHz%2BQoU2DrIyfM1E2zdI0sAGCVEiTjDMnj%2BI5uk2cBLo4DBMu3hS7inrwqnEOhQfGHRR8L35Dt7z4w%2Bb%2FJYiCMA4F0Cvf4K85UtN4V0brWKhb8N192wKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda639bdb51e-OSL

flaredownload.com/assets/hl-ca68ddb2.js

172.67.186.1

200 OK

5.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-ca68ddb2.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5349), with no line terminators
Size
5.1 kB (5057 bytes)
Hash
20251415039fc8647b996c6077080eb9
0d67038d9449aa3bae7223f07044582331314436
5d77c91ed616d6e9acc516c87d865e5f6f6a566e215af4771110261f5b8dfef5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-ca68ddb2.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5058
access-control-allow-origin: *
etag: W/"663b4ae5-13c2"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UetglSBUEeVzV1EQ6IUVcDHz%2BQoU2DrIyfM1E2zdI0sAGCVEiTjDMnj%2BI5uk2cBLo4DBMu3hS7inrwqnEOhQfGHRR8L35Dt7z4w%2Bb%2FJYiCMA4F0Cvf4K85UtN4V0brWKhb8N192wKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda619a1b51e-OSL

flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png

172.67.186.1

200 OK

9.2 kB

URL GET HTTP/3
flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9232 bytes)
Hash
f4a32eb2e5f203dab4882f7b7581b06e
8d51933205a3ed27c2c6bd0182142d6f8432d929
83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: image/png
content-length: 9232
last-modified: Tue, 03 Aug 2021 15:21:51 GMT
etag: "61095f0f-2410"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nkj8Yhzkz80mEqdX7JqkqkHtkIYRw%2F0JtoU106KLZttVyxnHwzIImp07LjV2WrQBzo%2FRQ1ei22AFHo5%2FvuM3gb4FCglWYPUFIjyayFOxkSeBeKyFm8Fj3nK%2B7mMwKDWlmbX03MtuUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
accept-ranges: bytes
server: cloudflare
cf-ray: 8817cdaa5eabb51e-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.106

200 OK

8.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (8956), with no line terminators
Size
8.7 kB (8732 bytes)
Hash
91804c0df51e58b0bf469561e1ac2732
cc5a9023e310b49ef8f8ae32bb89ea774fe116ec
8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 06:16:56 GMT
date: Fri, 10 May 2024 06:16:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-cb9a6390.js

172.67.186.1

200 OK

1.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-cb9a6390.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (2072), with no line terminators
Size
1.9 kB (1902 bytes)
Hash
51f31e92f763720c04fecc76755abab3
ce11de3fa7d291c4172988471a678aa6c568f3ee
4f539f4f190f247ed6c26bced0c1a6948503215e25ff3fd372be838f25dbbb3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-cb9a6390.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1903
access-control-allow-origin: *
etag: W/"663b4ae5-76f"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EJ3dqraRLc8En3SYyEHDC%2BYibTrKUDMAthkUM7%2Bba2ddMYOipNiRtJCQNIcuPcQjs2l7PXpcHIxUxWPoMuLHbKsIfRc8pHJal8N7q7qQNcmB9FUz7Dj9pmDAEjHx%2BcnT%2Fyv0IvdEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda97d8cb51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-3bcd5885.js

172.67.186.1

200 OK

616 B

URL GET HTTP/3
flaredownload.com/assets/hl-3bcd5885.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (636), with no line terminators
Size
616 B (616 bytes)
Hash
7c4ce1f0e8d27a6af8edf023e306ada7
744bf9756d970639fb0ecd0326ecaa423a698494
ae107ad4a9e2538139721bc12136d986b6cbcca032bfb115ce0877718128723f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-3bcd5885.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"663b4ae5-269"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fhvm3yzj%2BZnVUxu1uS4YwHxDo%2BxJ00Bd%2BlGomNKpP6iLlEClbPOwyykdB5p1psiLplXb2fScpjeSMHV4SgBhJG3ZEPZbGaMQjxeQ3Qt9JUJpaM6SBoUu6Oiyjq11OylNfcYcJ09pUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdab4fa7b51e-OSL

flaredownload.com/assets/hl-ac0f3d90.js

172.67.186.1

200 OK

268 kB

URL GET HTTP/3
flaredownload.com/assets/hl-ac0f3d90.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
268 kB (267685 bytes)
Hash
144400b2159179d446f86490a79c7be9
a756e385940bb142be7c6d54ac37565dd245d82a
46a6e9359ddb1f887d8c865e0caf2037c83aec329aeca13d504aeb81e17d49e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-ac0f3d90.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:55 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=267708
access-control-allow-origin: *
etag: W/"663b4ae5-415bc"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmwzkkutEe%2FH6MAi%2B%2F2Yl2Y7OaGeAJtjVWHsTtR6KeNt2rpSb346mn738MX8cV2jgJkJ81UfWzwtBPxP7HzVdYk2nC3V7wTyYq3iEWMfNWqlgkEMBVJglrJQe12C4rlWfsFKswtOTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda3ce80b51e-OSL

flaredownload.com/assets/hl-8521ea14.js

172.67.186.1

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-8521ea14.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (3246), with no line terminators
Size
3.2 kB (3166 bytes)
Hash
96a3967b148d80524d5d53991dfc35e0
8d4475b0517d2e554a51546b705ec7b2f11d53eb
7fdeb56df8bd63925559d0eba00a69509e1326335da3a27e8554d02505e8c4ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-8521ea14.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-ac0f3d90.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3167
access-control-allow-origin: *
etag: W/"663b4ae5-c5f"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDRRWtA6H8wNp9PbCI9p8fuxLy1H27BPMQ0nlcz8enYA5Sz1MSMR9aAOJh%2BBeCA1H%2Bo87OMG5e7MDBjBgW3ouziuh77ooI5MruNm9td5GS26yZL0vwdOIlmDyjxjVZFiIBWusXrgwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda60988b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-be61e397.js

172.67.186.1

200 OK

780 B

URL GET HTTP/3
flaredownload.com/assets/hl-be61e397.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (823), with no line terminators
Size
780 B (780 bytes)
Hash
dd8f79e0732ee114694864ea0076d284
ac82ff6564a78d607ded72228101bd151ce10820
7cfa3320b8ba9e633a317cb89a1938e15c5fb55a4439c1f6566b9cf631858055

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-be61e397.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:50:29 GMT
etag: W/"663b4ae5-30c"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8s8B5jEOBuUyEI0qdhNhRu11DdAZw7HiQYx7VWf53qCUiRMhSQY%2FS2lXRulXpjpfrOReBnDs84WrcoZeP5%2B1RArNtkzjsCXwr5AZpyT96dS0S%2BpUS2SzYhT6LMbVgdmuO9V6zOBEIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdab4fa5b51e-OSL

www.googletagmanager.com/gtag/js?id=UA-195162716-6

142.250.74.168

200 OK

208 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-195162716-6
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
208 kB (208132 bytes)
Hash
445655bc19b4ef472e98fb9be5ff0ac5
ac8ce05e66d96f896da9c3944e0719a7e076000f
d2c8da528bee32c81104260b0d04bcfbdc427cb8b6b9b5f0787dd282e0b071f7

HTTP Headers

GET /gtag/js?id=UA-195162716-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 06:16:56 GMT
expires: Fri, 10 May 2024 06:16:56 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-edb2da2a.js

172.67.186.1

200 OK

1.4 kB

URL GET HTTP/3
flaredownload.com/assets/hl-edb2da2a.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1438), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
862c9cf6fcd7b7f9a63460432c1c4cd4
fd37338a883a89512e82afbc9c5e226b871d4fed
cd09ea827717eb9bf6f24164c61f1c8c8fbf4c41d80b4c9bdf48cefede2e3290

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-ca68ddb2.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"663b4ae5-585"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiBLwKiZCCy4c4L%2FG6ntICB2q8ooeoJ8zAUkCWhRcKZ4PpwY9CqKnaIqlmoeVZYuOUkoRogyWu6SwsrlsTfPYfa425gr7FV8dvFr88H1%2F2c6sTg%2BBXU%2BFZkVisJ4GDlLZsrm3cGbrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda6ba37b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-35a77ba0.js

172.67.186.1

200 OK

72 kB

URL GET HTTP/3
flaredownload.com/assets/hl-35a77ba0.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type

Size
72 kB (71682 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-6ba4f92f.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"663b4ae5-11952"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mlsjzSn30JdBHiEPrbWyC8tYkeUnjWL%2BTfP%2B4MUqe5jN%2FX27otGXz9FSG7Ne2NFLYggFa2yGS3O4I59ktW9%2Bw1OK49YGia9ykjUKqehl%2BYaK7R9ssH2w7F%2FfCSioNd0YFr%2BkqbqTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda6ba38b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-ac0f3d90.js

172.67.186.1

200 OK

268 kB

URL GET HTTP/3
flaredownload.com/assets/hl-ac0f3d90.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
268 kB (267685 bytes)
Hash
144400b2159179d446f86490a79c7be9
a756e385940bb142be7c6d54ac37565dd245d82a
46a6e9359ddb1f887d8c865e0caf2037c83aec329aeca13d504aeb81e17d49e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-ac0f3d90.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=267708
access-control-allow-origin: *
etag: W/"663b4ae5-415bc"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmwzkkutEe%2FH6MAi%2B%2F2Yl2Y7OaGeAJtjVWHsTtR6KeNt2rpSb346mn738MX8cV2jgJkJ81UfWzwtBPxP7HzVdYk2nC3V7wTyYq3iEWMfNWqlgkEMBVJglrJQe12C4rlWfsFKswtOTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda74ae7b51e-OSL

flaredownload.com/assets/hl-78f24724.css

172.67.186.1

200 OK

26 kB

URL GET HTTP/3
flaredownload.com/assets/hl-78f24724.css
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (26409), with no line terminators
Size
26 kB (26409 bytes)
Hash
f89cae638a8015aae1089a2222424d0c
2af82acafcc3e922b30bed5dd5516def3003b013
5043dc083072fc72e3ac45b97c961ee95ad1b6ad9d31f5d461dad48e63454371

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-78f24724.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=26547
access-control-allow-origin: *
etag: W/"663b4ae5-67b3"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8V8r00I6BRR54qIioLG2CPrs5lHUq7KAYzN93zYmK%2FRZezSYJ5qRAMpp52NuAHqOJc1gTRk%2BpezJAo8ZJ26AIjGrGDWet0IWHdA9v%2BmlbUqSPkow4lkEbu54iMAbgxiR27e64ROQWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cda96d72b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-be61e397.js

172.67.186.1

200 OK

780 B

URL GET HTTP/3
flaredownload.com/assets/hl-be61e397.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (823), with no line terminators
Size
780 B (780 bytes)
Hash
dd8f79e0732ee114694864ea0076d284
ac82ff6564a78d607ded72228101bd151ce10820
7cfa3320b8ba9e633a317cb89a1938e15c5fb55a4439c1f6566b9cf631858055

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-be61e397.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-e2569f25.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:50:29 GMT
etag: W/"663b4ae5-30c"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8s8B5jEOBuUyEI0qdhNhRu11DdAZw7HiQYx7VWf53qCUiRMhSQY%2FS2lXRulXpjpfrOReBnDs84WrcoZeP5%2B1RArNtkzjsCXwr5AZpyT96dS0S%2BpUS2SzYhT6LMbVgdmuO9V6zOBEIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdab6fdcb51e-OSL

flaredownload.com/assets/hl-3bcd5885.js

172.67.186.1

200 OK

616 B

URL GET HTTP/3
flaredownload.com/assets/hl-3bcd5885.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (636), with no line terminators
Size
616 B (616 bytes)
Hash
7c4ce1f0e8d27a6af8edf023e306ada7
744bf9756d970639fb0ecd0326ecaa423a698494
ae107ad4a9e2538139721bc12136d986b6cbcca032bfb115ce0877718128723f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-3bcd5885.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-e2569f25.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715321816.1.0.1715321816.0.0.0; _ga=GA1.1.1078446802.1715321817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"663b4ae5-269"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fhvm3yzj%2BZnVUxu1uS4YwHxDo%2BxJ00Bd%2BlGomNKpP6iLlEClbPOwyykdB5p1psiLplXb2fScpjeSMHV4SgBhJG3ZEPZbGaMQjxeQ3Qt9JUJpaM6SBoUu6Oiyjq11OylNfcYcJ09pUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdab6fe8b51e-OSL

flaredownload.com/assets/hl-edb2da2a.js

172.67.186.1

200 OK

1.4 kB

URL GET HTTP/3
flaredownload.com/assets/hl-edb2da2a.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1438), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
862c9cf6fcd7b7f9a63460432c1c4cd4
fd37338a883a89512e82afbc9c5e226b871d4fed
cd09ea827717eb9bf6f24164c61f1c8c8fbf4c41d80b4c9bdf48cefede2e3290

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"663b4ae5-585"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiBLwKiZCCy4c4L%2FG6ntICB2q8ooeoJ8zAUkCWhRcKZ4PpwY9CqKnaIqlmoeVZYuOUkoRogyWu6SwsrlsTfPYfa425gr7FV8dvFr88H1%2F2c6sTg%2BBXU%2BFZkVisJ4GDlLZsrm3cGbrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda629acb51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-e8f6c714.js

172.67.186.1

200 OK

561 B

URL GET HTTP/3
flaredownload.com/assets/hl-e8f6c714.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (583), with no line terminators
Size
561 B (561 bytes)
Hash
4dae65fd7c12b1047898c3bc2e480703
49d61cd294e25f3dc0aeaf08a275bd144f7ad31a
cd969cb86a11edc3cd4341030cb195ea31112697eac9127b4c828bff263c1ee3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-e8f6c714.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-20774a98.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"663b4ae5-232"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgdB98wf5PM%2FqlKdyFSrcNLMVqHvkmpmJZnSr5geeRn%2B1mRsr4hg%2F18TYx%2F7HVXCRFOw88osQSWffE7comM5jcHxls86uc6URuEvsr%2BfxlePA0X6VOlhbr%2Fxmtgf4jN72270eBjxMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdaa0e5ab51e-OSL

flaredownload.com/assets/hl-cb9a6390.js

172.67.186.1

200 OK

1.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-cb9a6390.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (2072), with no line terminators
Size
1.9 kB (1902 bytes)
Hash
51f31e92f763720c04fecc76755abab3
ce11de3fa7d291c4172988471a678aa6c568f3ee
4f539f4f190f247ed6c26bced0c1a6948503215e25ff3fd372be838f25dbbb3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-cb9a6390.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-20774a98.js
Cookie: visitInfo::7748=ce852bd1710f404d624929fcd4a26895ffa91bdbbfb52d3a967ffdcd36c65820a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2208df08742e619d25f47ac10d2de5b7b8%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%223099d1f0%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22f1d1b3bf-3747-41d2-bc77-46f997fc1325%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1903
access-control-allow-origin: *
etag: W/"663b4ae5-76f"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EJ3dqraRLc8En3SYyEHDC%2BYibTrKUDMAthkUM7%2Bba2ddMYOipNiRtJCQNIcuPcQjs2l7PXpcHIxUxWPoMuLHbKsIfRc8pHJal8N7q7qQNcmB9FUz7Dj9pmDAEjHx%2BcnT%2Fyv0IvdEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 8817cdaa0e58b51e-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-35a77ba0.js

172.67.186.1

200 OK

72 kB

URL GET HTTP/3
flaredownload.com/assets/hl-35a77ba0.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type

Size
72 kB (71682 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"663b4ae5-11952"
last-modified: Wed, 08 May 2024 09:50:29 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mlsjzSn30JdBHiEPrbWyC8tYkeUnjWL%2BTfP%2B4MUqe5jN%2FX27otGXz9FSG7Ne2NFLYggFa2yGS3O4I59ktW9%2Bw1OK49YGia9ykjUKqehl%2BYaK7R9ssH2w7F%2FfCSioNd0YFr%2BkqbqTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 9
server: cloudflare
cf-ray: 8817cda629b3b51e-OSL
alt-svc: h3=":443"; ma=86400

secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com

188.114.97.1

200 OK

8.1 kB

URL GET HTTP/2
secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=f1d1b3bf-3747-41d2-bc77-46f997fc1325&networkid=200347&publisher=3099d1f0&isNewTr=1&stream=guide-du-routard-maroc-2023-24.pdf&email=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type
JavaScript source, ASCII text, with very long lines (8385), with no line terminators
Size
8.1 kB (8143 bytes)
Hash
b45c7286594795de3b392f6f8942604d
51239b08544394e811b8fdcc3bdc1df3832256e5
d1cfecd1075f9a9eea50304717a1fbd7cf2601c2d2bc80c698d4136846fdbef7

HTTP Headers

GET /scripts/push/script/02eyoyxdkz?url=flaredownload.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:16:56 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2521
content-encoding: gzip
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: HIT
age: 8
last-modified: Fri, 10 May 2024 06:16:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSrAAXveFdYLxqX%2FxUouBspvhqyEl0BS55y2vky0LYL%2FecOgP2IpT6ixDLTGxddMixteCYkrC8suYGaQAsC6ZhySnn1jbboWP5CDBWkPWZmY6PXdUj83Ub4m6dOidzISXBde7xA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817cda6dc6eb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML