| x.s788n.com/click?pid=6&offer_id=686&ref_id=a25e01218d6371032626d8af4eb38Fym_4a8c9935_4fc4400d&sub1=4a8c9935&sub8= | 188.114.97.1 | 302 Found | 0 B |
URL (User Request): GET HTTP/2 x.s788n.com/click?pid=6&offer_id=686&ref_id=a25e01218d6371032626d8af4eb38Fym_4a8c9935_4fc4400d&sub1=4a8c9935&sub8= | IP: 188.114.97.1:443
Certificate: Issuer: Let's Encrypt; Subject: s788n.com; Fingerprint: 7B:57:28:7D:08:B1:32:B9:AF:EE:21:E5:18:A8:A6:96:C0:D6:63:AB; Validity: Mon, 01 Apr 2024 03:04:14 GMT - Sun, 30 Jun 2024 03:04:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=6&offer_id=686&ref_id=a25e01218d6371032626d8af4eb38Fym_4a8c9935_4fc4400d&sub1=4a8c9935&sub8= HTTP/1.1
Host: x.s788n.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 02 May 2024 21:52:46 GMT
content-length: 0
location: https://go.bluelinknow.com/t/clk?id=vKH9LMLsvqfyVwC2&s1=66340b2e39813200015ab9ee&s2=4a8c9935&s8=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=66340b2e39813200015ab9ee; expires=Fri, 02 May 2025 21:52:46 GMT; secure; SameSite=None
set-cookie: afoffers={"686":1714686766}; expires=Fri, 02 May 2025 21:52:46 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBRDIVgxp%2FF1X5ScOPWNlp2ttfM7SdscKlsvrlNaRmRpcf%2Bz0OxpPkOGvJjbZKrZoeKsx3w0IDOXHxl%2BafHU6JvwNSCQrwlOr%2BqcgUiYdwTMetdLEYO88%2B2gxxuaGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db3d844a2a7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| go.bluelinknow.com/t/clk?id=vKH9LMLsvqfyVwC2&s1=66340b2e39813200015ab9ee&s2=4a8c9935&s8= | 54.243.225.205 | 302 Found | 0 B |
URL (User Request): GET HTTP/2 go.bluelinknow.com/t/clk?id=vKH9LMLsvqfyVwC2&s1=66340b2e39813200015ab9ee&s2=4a8c9935&s8= | IP: 54.243.225.205:443
Certificate: Issuer: Amazon; Subject: *.redlinknow.com; Fingerprint: 79:82:ED:1B:55:67:44:54:B9:21:32:61:9D:61:C9:1A:2F:AF:97:76; Validity: Sun, 17 Dec 2023 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=vKH9LMLsvqfyVwC2&s1=66340b2e39813200015ab9ee&s2=4a8c9935&s8= HTTP/1.1
Host: go.bluelinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 02 May 2024 21:52:47 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: uip="[\"l6sLx8g\"\054 {\"Yv74\": \"xy3aRrl\"}]:1s2eMB:Roz_tnE5BrycxJbiPisIqdHYbug"; expires=Sat, 01 Jun 2024 21:52:47 GMT; Max-Age=2592000; Path=/
set-cookie: ydt_a31a0322edef4efaa328c3e667d70925="[\"8f9683bc-1ffa-4450-95a2-62ca40531570\"]:1s2eMB:PM4cOjvKy5o7B7dGGyNZ5UK_5NA"; expires=Sat, 01 Jun 2024 23:52:47 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-1ce00f64.js | 104.21.19.111 | 200 OK | 1.1 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-1ce00f64.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (305)
Hash: 78a9504a05183785e2753cdfd3cd1f8c fd82ab2cfb812608e8f23df024f29e2e19395824 e91c3fd916da5ff8e1d06b75bf67745fc2865edddfdec054d68339eb816d4186
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-1ce00f64.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d9848c4e.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1286
access-control-allow-origin: *
etag: W/"6630d038-506"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnRFkhM9pvtCaC8IVeB8Tx69a1Y8i0szs1zDKa8HTOfyTMNlKd5wb3Mp32dksJVmwsU9ygrSCoyZeKULuDRdaRAmuX4ZXB3tMxh5iUw4gK6hRsj4fWCaA5pp2PKm1Gpkd%2F6Pfa5c4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8da9e90b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-6f73767e.js | 104.21.19.111 | 200 OK | 887 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-6f73767e.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (1263), with no line terminators
Hash: 5168e2bd6ea61c61ffc85070695db0a0 015634c336e6b853b1459cc2f915cf32286d966d bc6e2004c6005453b32fa7483ca27faf09c39e08c6c64be3642bd58dd864541d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-6f73767e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1264
access-control-allow-origin: *
etag: W/"6630d038-4f0"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeqJ6AXDVsnEEsJdXOcM0cRD5xtn%2BPQHhZukrBQpNT8EvmpCHrsJLnj0dIaQtSMGEfA1JkxpZ62bPsGr0QU5WVWdugMxcK4NmO0%2FJLhvGv57SAs%2BEE2PAk3SqOdVd661dOIEC9gDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8e4a850b69-OSL
content-encoding: br
|
|
| www.googletagmanager.com/gtag/js?id=UA-195162716-6 | 142.250.74.168 | 200 OK | 74 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-195162716-6 | IP: 142.250.74.168:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: c764b9fe3d76bde33ccdd296217fa169 82c053ba8c8c6616178464ed1f3d53319e11c250 f6674a99d17aed405ae7a925a5990ba7a320750ad1eca79208cffe8e0d2e0f3b
GET /gtag/js?id=UA-195162716-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 May 2024 21:52:48 GMT
expires: Thu, 02 May 2024 21:52:48 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-d9848c4e.js | 104.21.19.111 | 200 OK | 96 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-d9848c4e.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: bc391c99295126181f9f7d4f7df0a3a7 26cdaa77397971dfdcec4ea470232af8a75ccee5 887814e7c041b00843e836ce38cbd9a0815681b9e8f26dc4c35f218484b91c06
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-d9848c4e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:47 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=265778
access-control-allow-origin: *
etag: W/"6630d038-40e32"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXaYywz%2BD6PkXjYJ1hTc%2FUWzRt5aq5H0gPbX%2Bcw3NMwSzFilbPQIJTQWHQuwAd6qPZEMz2MUK0E5M%2FIHPMZdoCNp%2FobTAb19DO6AUAWvOoZY12iU5zsjDXSxUPRU2Ytkp1qKNjvz0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 87db3d8b68320b69-OSL
content-encoding: br
|
|
| www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 90 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c | IP: 142.250.74.168:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 87efbddf1d010e65c52c29e4c6458d1d 7c9c2bd77b8c803a1c007c2b5eeeb31d678549e3 cf7fab2bb9537dd3b24f3d655777da58f7f6f6ffd20991af91f4fef8b9d99b5b
GET /gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 May 2024 21:52:48 GMT
expires: Thu, 02 May 2024 21:52:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89717
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-edb2da2a.js | 104.21.19.111 | 200 OK | 15 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-edb2da2a.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (1410), with no line terminators
Hash: 0fb9d8a5fba7f6a569da52896f965ea3 6e57202028341c2674083acf9e428817c6725c6c 30137b4b0317a40d0c195fff2b2cd054bb39adf2fb94d357f269cb36e3c11581
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"6630d038-585"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErS4f%2F0QsBFBq8ErNEZGDAZq3FWlK2Homif0axYbS7ybb8yLsVbg8FUaFthr8eIoz6GIFunFh7KXj4Z4xAlfjDVoJgBD4x%2B0UewXmQRR%2FlMbwRTisaWiWKlnWSfyfd9KdFuce%2FX%2FJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8d99d00b69-OSL
content-encoding: br
|
|
| flaredownload.com/prod/images/fd770a0f13896c5ac8a09bc7a642de92.png | 104.21.19.111 | 200 OK | 3.2 kB |
URL: GET HTTP/3 flaredownload.com/prod/images/fd770a0f13896c5ac8a09bc7a642de92.png | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 18e8c55ad549933e62ee40b8c7adbdd0 f7bc824a4c70a4babc07b21fcbd413885128e92e 69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prod/images/fd770a0f13896c5ac8a09bc7a642de92.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: image/png
content-length: 3235
last-modified: Tue, 30 Apr 2024 11:23:17 GMT
etag: "6630d4a5-ca3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44ZWUvY%2F5jVZWr1boPX1XgecxnfKsqMfeKkdFfArg0vWYsWC6PvbPOCutdBvwAGkBB5FjkIJwPxQEUXyeplkhwxvjlc7vTiTgfuJq90d%2FQAmTLDBSnK8UZNayMleAQze3kZB3DQ%2BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 87db3d921dfd0b69-OSL
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/prod/images/da11c15fabd9787f963615c6708cf278.png | 104.21.19.111 | 200 OK | 971 B |
URL: GET HTTP/3 flaredownload.com/prod/images/da11c15fabd9787f963615c6708cf278.png | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: PNG image data, 111 x 75, 8-bit colormap, non-interlaced
Hash: 2f40fa92fce11c340f70807da03ac0b2 89ef777357b185dee8937a3da0983f39f156fb10 44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prod/images/da11c15fabd9787f963615c6708cf278.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: image/png
content-length: 971
last-modified: Tue, 30 Apr 2024 11:23:17 GMT
etag: "6630d4a5-3cb"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=925gqIhi%2B4z9%2BtxpYU2zhqWro6EsP6%2FVDprw9IRfvUaTZiAnH%2Bxpl7f4wuB%2Fz536TTJTkxuiw3AFZCLNlR9Te6lFjNbzyKnhf6ZSsoAXQMOLbARYvo1SREzasMo4tbaxRskN7%2Bym2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 87db3d922dff0b69-OSL
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/visit/get-data?landingId=6573&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource= | 104.21.19.111 | 200 OK | 11 kB |
URL: GET HTTP/3 flaredownload.com/visit/get-data?landingId=6573&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource= | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
Hash: 38bcf8d7b1a2dc93fc2d72f67f64d9a7 b6304f21bfb79baa347bc5122358f0df771b70bb 6365b1f7a156a2884ed36b1517a93e40a12ebb93f77b58a366933ebd9adfe075
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /visit/get-data?landingId=6573&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: 0280c89102424cc9b9486a2698a87403-857a783c48bca37f-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=0280c89102424cc9b9486a2698a87403,sentry-sample_rate=0.1,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/json; charset=UTF-8
set-cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FgqUZgC21Lr%2B%2Bl8ibLU%2BFnea6av3s2P%2BxojLV4jNMXbb1Z8muM%2FD%2BwEMTzcPrFIHF5DBWqVgyfdaEbhR4nZRShwC0Osln%2FmGKrTE%2Bz5XU5B7jP9dtyBDWG92KmassCVwRLOZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db3d8c59020b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-41e46faf.woff2 | 104.21.19.111 | 200 OK | 7.9 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-41e46faf.woff2 | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7900, version 1.0
Hash: 9ed361bba8488aeb2797b82befda20f1 6f80d965a066aff81c0a344d4b7297bd009cc099 41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-41e46faf.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/octet-stream
content-length: 7900
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
etag: "6630d038-1edc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCATm8SShkCBS3WuyVWphB6xr0soxkY4mq0Kq4PlVtc8wkyRG7sGEB2YmRtj4HgsQCOoiC2dcuwt8WQYh%2BmLt5g%2FaM3%2BBtnjhtUuGNMr3SC8nlNPC4Az6pz6uq7Qg3ogOYU%2FDlwXcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 87db3d923e0c0b69-OSL
alt-svc: h3=":443"; ma=86400
|
|
| event.secureanalytic.com/register/event_log/v9e179lqez | 188.114.97.1 | 200 OK | 0 B |
URL: POST HTTP/2 event.secureanalytic.com/register/event_log/v9e179lqez | IP: 188.114.97.1:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Let's Encrypt; Subject: secureanalytic.com; Fingerprint: E8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63; Validity: Fri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaredownload.com/
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: content-type
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
access-control-allow-methods: POST
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMot6RffCRy53VI6TM5Ycg4tl70dpZqnKDkXgZd0FwNTMFXdAQoxz%2BZ46TQ3%2Fw31AS1lVquVFEaFCz8Q0k6L69nsyGPqpksq8x3coxJ9EcurxrN0hu4oTke7D0%2FOC9%2Fhm7P9hjwgtlfckDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db3d91ff5cb50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-6f73767e.js | 104.21.19.111 | 200 OK | 415 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-6f73767e.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (1263), with no line terminators
Hash: 5168e2bd6ea61c61ffc85070695db0a0 015634c336e6b853b1459cc2f915cf32286d966d bc6e2004c6005453b32fa7483ca27faf09c39e08c6c64be3642bd58dd864541d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-6f73767e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-9b82fb7e.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1264
access-control-allow-origin: *
etag: W/"6630d038-4f0"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeqJ6AXDVsnEEsJdXOcM0cRD5xtn%2BPQHhZukrBQpNT8EvmpCHrsJLnj0dIaQtSMGEfA1JkxpZ62bPsGr0QU5WVWdugMxcK4NmO0%2FJLhvGv57SAs%2BEE2PAk3SqOdVd661dOIEC9gDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d904c010b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-08811a43.js | 104.21.19.111 | 200 OK | 4.4 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-08811a43.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (1922), with no line terminators
Hash: b3cc658ff9142451c0996b8387b9d0a8 e3c6e04ce8075674ff655e2c40972357de28b831 452f2f0c2d36818e3fef0ce6f98c9bcbf9a04430f36bb20128c46b402f0dd401
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-08811a43.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-a4d1bde7.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"6630d038-783"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yeJK8hwCK70Ljgp9ruqkI3uTQPi4SVhqNxfk46dhuPXfaU6k7hHZuGVFdJ4maCdsHif2t9kp0%2FvFyln8MammmwL8f1HWVuR9R5NpjBgGrt1ISx835Gd2NoMAU2ywUC2wIXXk2UyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d928e3d0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-10019e0a.js | 104.21.19.111 | 200 OK | 12 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-10019e0a.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (915), with no line terminators
Hash: 1e3a1a6723609eeef1ca18aec31ede1d 405b4e4497e97405e5995f09124499ac81fac9e9 bf2961388d2f4dfc52a8de4cb9c8950391e67b7663f19816825b4e94045096b3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-10019e0a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"6630d038-394"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxkkSLAmcA4oxnCGW8DMngCyQ%2BRlS7kyC6fBpa6cInHJarUGC4s1lwZVdLIwzKVfMSsL8IX77uSEi7Od69ySApLoms2kaqSYKNyoPohFq7vwsJJbUxiKq4k3U2s8qPw6NETWF9%2Fpsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d90ac6a0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-0b0bf188.js | 104.21.19.111 | 200 OK | 9.4 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-0b0bf188.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (360), with no line terminators
Hash: 96de889f939ba92725dcd6509ce3a39e c20d3f7ad0871f253b67d8da84fe39b8c73d3c68 803c41be01289bc55301a91007de053c3a90ca4fa4b1cda8c9a7d22141eff9f4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-0b0bf188.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-6f73767e.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=361
access-control-allow-origin: *
etag: W/"6630d038-169"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F83bJvzvcyJgkJ6fbkKUXt%2FgEFGoMnnFoZTZvQJXSEb8RbPTTN2GG080hxNcEjoAex5v2v5u9gHMtFyIpldvqCMYQRPRtkPpBPwB0ootraMXkLAmX%2Fys18uvMoqnb5F0J9vzfRa5Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d90cc750b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-e23d783b.js | 104.21.19.111 | 200 OK | 13 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-e23d783b.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (1877), with no line terminators
Hash: 36f589520a75fc40147713ec23bdd82b b0f0f0b43ffa0388561a8670591e4a656e66169d eeca14b6169a558b5b5e618ecddae6eb2de4aeb8a90077795ab183960a2b1593
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-e23d783b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1878
access-control-allow-origin: *
etag: W/"6630d038-756"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHn4rXhS7%2Fk2yaUJ0dkR7a%2FLsNa403gq3RtlmrsJahX6o10Z7XiUX6uU0A8jxVylh1A3deFzMJOT%2FHSfN7xPVunmwLgx9TPKfZg1U60%2F2MP3bPWNpzC%2BFLUO5%2FZ3cSpH6%2FbfFelM4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d907c420b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-b93b9165.woff2 | 104.21.19.111 | 200 OK | 8.0 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-b93b9165.woff2
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7988, version 1.0
Hash: 087457026965f98466618a478c4b1b07 00b024ccb35e3694de662d180d6ea7f56de6d654 b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-b93b9165.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/octet-stream
content-length: 7988
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
etag: "6630d038-1f34"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MAHZhg0Uro0jOejcWPmh0vo7sRhyhXOYju0iQr0XxNZFFSCrT8205q1ipqc%2F1WkkzMN605uFTl6hVcIzzG5dFZYXPx9jqc5YWfK7vROO3ModF%2Bp32WZIQiFLbW1%2Fgi5IFWi9iJfHoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87db3d923e0a0b69-OSL
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/lead/prefill | 104.21.19.111 | 200 OK | 64 B |
URL: POST HTTP/3 flaredownload.com/lead/prefill
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 0a00dc476383c35bcfbc0ea44c3a60ea 36ebdfa0bfa4aa0ec8f4d7417d2112bae7d406db 819bd596583bc3bc638b2fa8d87d80b16551a1d68abb86261795db848cc226d2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /lead/prefill HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
sentry-trace: 0280c89102424cc9b9486a2698a87403-9230d945e548e937-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=0280c89102424cc9b9486a2698a87403,sentry-sample_rate=0.1,sentry-transaction=LandingHome,sentry-sampled=false
Content-Length: 56
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtQylcVw8vVbWllTuTYvoFUOWNRHnoaxPHNO8AcuXzTUueKWUTHNh337C6Ud6xRIq0YjdXFQFUGeND1f7kUKKvs6zbYrNeurB5nFEeO0GOWdzUx89aRkNSl2c%2FlB4ZkOW%2FAHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db3d91fddd0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-02495a6a.js | 104.21.19.111 | 200 OK | 426 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-02495a6a.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (456), with no line terminators
Hash: 047d44e23ee756a959c50f65e5bf1d4f a53215ab0671ad9f389e32edcaf078174e430df1 da2d8aaffaf9e40b0b9107dc66ef091b6fd4b24074e9789015e1bd2bf7ed5a0d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-02495a6a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-0b0bf188.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6630d038-1ab"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwLv7JDegq%2FdfSocntJubC3iSev7UDEkKf1GVNSHBAFCEhLv%2Fje6GcLZuHlDF6IZAyiWwwCvgHt2twbdSoMKlfnb9KxOnCZjC%2BZvixY4DR%2FaRLBx%2BnshocHK8ZFpfxfbRmmS7lExnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d90ecca0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-de833af9.js | 104.21.19.111 | 200 OK | 690 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-de833af9.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (704), with no line terminators
Hash: 25a523c7c0658e2bf768f0e26f59fbd8 fdae37e60c01daf3551830ba3639873e313e6495 37c6c8ba37235a274a7739b7021a9ea8104d57dd951ede499d1691f28175fb59
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-1ce00f64.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"6630d038-2b3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sE2wRjcE0eBMndkNipetbxGf4G0H06HS%2B%2Fjsykl0%2BapfAX5z89UA%2B28nlRckqFnRy0KmEhg%2F7tBFQlE74VQOLwWui9GX0r8u1V4y7s%2B2VD2Z0HY2sde175RSjZZbZXQll5QQ4b4Umw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d8e0a470b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-4f383950.js | 104.21.19.111 | 200 OK | 561 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-4f383950.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (583), with no line terminators
Hash: ecfa1edea2124a26c0eebe13301df934 7daea65038b70ae4169779de3cb9b371958118fd c6229eac3f5dffc7af687347ae6e6768c08e8c91c6f1101cec7a31110508c327
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-4f383950.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-0b0bf188.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"6630d038-232"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ci6pFPdqu6vera3XCfB9jLUhGQXnyvXzxwdAm9CHYDHOFVgKWkDZvceenLC3pEjH6V%2BSaO7ceiQJvveMw8KMFMrNFKbt%2FtaWmGFUqpFulzsAzjDuQnMkUKb%2BRSpfSj8AsHdIeeqKHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d90dc9b0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-35a77ba0.js | 104.21.19.111 | 200 OK | 72 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-35a77ba0.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-1ce00f64.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6630d038-11952"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ao3GGfl8ETrmKyShZMMI7Ckm%2FqiqYtDBUB0jg2e%2BbyBgMZGg9sj%2FupfVKF4shWTZJZ7J2L7XPPHjARpuVfKE1bxwDBXw%2Ban%2FZHcS8TX4s3dTpPIwUoqBQ9qgiT6HR5tF7JBnPfa1fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d8e0a430b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-78f24724.css | 104.21.19.111 | 200 OK | 26 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-78f24724.css
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (26409), with no line terminators
Hash: f89cae638a8015aae1089a2222424d0c 2af82acafcc3e922b30bed5dd5516def3003b013 5043dc083072fc72e3ac45b97c961ee95ad1b6ad9d31f5d461dad48e63454371
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-78f24724.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=26547
access-control-allow-origin: *
etag: W/"6630d038-67b3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWBFL2I1d%2BVR9aLN6sPCL9o8cWWI5JDxylfhZJjNibVorE7aCXOtiY%2BoGCt%2BUjwoiwk7qMFLWlzJsTdtiKdfNs8qT7SGBfjQgpF%2BppcU4lpQTLnKSw04W9LJmSQFMyMCvyWS6FIfsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d905c290b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/prod/images/dcc108854556e12dfd36f01828010f0f.png | 104.21.19.111 | 200 OK | 9.2 kB |
URL: GET HTTP/3 flaredownload.com/prod/images/dcc108854556e12dfd36f01828010f0f.png
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Hash: f4a32eb2e5f203dab4882f7b7581b06e 8d51933205a3ed27c2c6bd0182142d6f8432d929 83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /prod/images/dcc108854556e12dfd36f01828010f0f.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: image/png
content-length: 9232
last-modified: Tue, 30 Apr 2024 12:55:37 GMT
etag: "6630ea49-2410"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEcmdsIrmZ%2BTk2%2FoWr44nOm4xgJkYrWWPdfRxvdcT23jg2AFUqERGKYKafXD%2F56Wn5A9dKoeYm49ewicWl8pFgMlmJNukFKhomrdiNREphAUgFAn2uPUxK2cnWN%2FcHxtiiJhivLpCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 87db3d915d5a0b69-OSL
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-35a77ba0.js | 104.21.19.111 | 200 OK | 72 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-35a77ba0.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6630d038-11952"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ao3GGfl8ETrmKyShZMMI7Ckm%2FqiqYtDBUB0jg2e%2BbyBgMZGg9sj%2FupfVKF4shWTZJZ7J2L7XPPHjARpuVfKE1bxwDBXw%2Ban%2FZHcS8TX4s3dTpPIwUoqBQ9qgiT6HR5tF7JBnPfa1fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8d99d90b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-c19e0283.js | 104.21.19.111 | 200 OK | 2.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-c19e0283.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Hash: 8b71a60b5768b9cced21d3a8fea48b9a 772986f0db471c4d8df2d8199cf20e8d1d2d1aea d00f6a255df62d96cdefa8aa4776e04495761586cc950c94a09d3145109fb783
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-c19e0283.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5c2cfe2f.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6630d038-b1a"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bb9UMKdCpLXdtIbecWffDH4BIze9VczAsF9MiXKi%2BfpyObzGpfmMh9H9fgMrhrtDowvP%2FZixmqiX0U8eoTZLssOGGIszWx2VBVevb2kllhRLxO0fBJI%2FD7WQ1X2f5XQPMbivKrwppg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d922e030b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-c19e0283.js | 104.21.19.111 | 200 OK | 2.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-c19e0283.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Hash: 8b71a60b5768b9cced21d3a8fea48b9a 772986f0db471c4d8df2d8199cf20e8d1d2d1aea d00f6a255df62d96cdefa8aa4776e04495761586cc950c94a09d3145109fb783
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-c19e0283.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6630d038-b1a"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bb9UMKdCpLXdtIbecWffDH4BIze9VczAsF9MiXKi%2BfpyObzGpfmMh9H9fgMrhrtDowvP%2FZixmqiX0U8eoTZLssOGGIszWx2VBVevb2kllhRLxO0fBJI%2FD7WQ1X2f5XQPMbivKrwppg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d921df00b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-5c2cfe2f.js | 104.21.19.111 | 200 OK | 6.1 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-5c2cfe2f.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (6412), with no line terminators
Hash: 04dd0557e174d7af20aedf066f6090f1 e29ddf8f5c47aa621ecc05dbec82db786a9f8282 a13d33bccb559f8b859c0ffae80398d2e3312b0c47e79fbec4f7dd8619ac32e5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-5c2cfe2f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6097
access-control-allow-origin: *
etag: W/"6630d038-17d1"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoO%2BxMgfHJs96M50P0ezNmkd4hbTAijAjb3QH%2Fji%2BYsuZMDgIuG0rtYAB%2BNE2BrUo6vhwUH4SJT6xVkLv8jXDrzPl02ejumkUb7KfXWRp1Ni8%2BjZohwew8vpJHgNDKKVvh4IIwdsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d90ac6b0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-cb0a5a8f.js | 104.21.19.111 | 200 OK | 779 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-cb0a5a8f.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (821), with no line terminators
Hash: f058ffd65de848c85f1c8530f12b2662 e9c93ba580d348525c24b3151dec389e0024c8d0 3dd776711e35db679c1de366efe262f6de9027e36aa19f5703e797a8183f3169
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-cb0a5a8f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5c2cfe2f.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6630d038-30c"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oB6LD5Uju%2BRo8BpQ6InLQzOI1Wwh3%2FqZrOCzn3HnLf5M0cwE5lBiMxpUx6ULCAMz1L2Rh7cyyrBeUs%2Freww62Yx9oG7Bk2bXzOdAVpL1yfjFECfI2TOD6%2BeJFEY2014piuBP2btYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d922e040b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-a4d1bde7.js | 104.21.19.111 | 200 OK | 616 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-a4d1bde7.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (636), with no line terminators
Hash: d64c13ef8009002b5acd79f4a90c7cd1 68dfd81e5e5543166f4855b3f26001601ff20861 60858ca0dc0ac6d0cbe762fd28432b53b4832135668792a07932e5d269ef59ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-a4d1bde7.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5c2cfe2f.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714686768.1.0.1714686768.0.0.0; _ga=GA1.1.418617194.1714686769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6630d038-269"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqolbZf5rSd%2BlJpWAqec5UjAi%2FENOz111tj3IqGcJANbv2UCqRX4Xo6r0TtqaX%2BXajewbFZSgBEk7N%2FFXkW25FFjt53KlKmJuu2S%2F%2FIj0uro4J9ZcbGaVrt8TBdvtKs1VV3xGnxPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d922e070b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-d98910d4.css | 104.21.19.111 | 200 OK | 78 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-d98910d4.css; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (65329)
Hash: a1713c7a8fb53e78bbd5a1c76068791d c15ca4f1e62bde996f9c72fb4a3e3f584b966741 cd7e4b31039bf939306ab3d38291f59e92069a24744e4b359b557aba0eb5b219
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-d98910d4.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=77791
access-control-allow-origin: *
etag: W/"6630d038-12fdf"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Br37s1%2BriG%2FM1wp6X%2Fb1qfFdT3zUG3Kbvdm2x58W6Xkp%2F%2B%2B4fvPzSau6HGcM%2FT6eyDH%2BQ24EUTSe9hqirh1j9LAi3RoPULAVtkF65kcTRBOJfuoJr6VW2DqFswMBpQd4%2Fm6qTtnx%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8e3a820b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-de833af9.js | 104.21.19.111 | 200 OK | 690 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-de833af9.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (704), with no line terminators
Hash: 25a523c7c0658e2bf768f0e26f59fbd8 fdae37e60c01daf3551830ba3639873e313e6495 37c6c8ba37235a274a7739b7021a9ea8104d57dd951ede499d1691f28175fb59
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"6630d038-2b3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sE2wRjcE0eBMndkNipetbxGf4G0H06HS%2B%2Fjsykl0%2BapfAX5z89UA%2B28nlRckqFnRy0KmEhg%2F7tBFQlE74VQOLwWui9GX0r8u1V4y7s%2B2VD2Z0HY2sde175RSjZZbZXQll5QQ4b4Umw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8da9de0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-9b82fb7e.js | 104.21.19.111 | 200 OK | 4.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-9b82fb7e.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (5067), with no line terminators
Hash: d6a5fd5adbf8c12b0cca48ec179c49a3 a209a4cb9020c5233beaf96ea3aa33d6de7ed3b2 448378f8afda38d2a252bc2c362707b7ceb0ecbf724768ff2de171bdb535fc6a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-9b82fb7e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d9848c4e.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6630d038-12ba"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUYp8k107CQEzCfBS1RJONM7CXoioGZEEUZTp371cxqYo%2B0NrkECSxtT7O53hX09r6UcUMD2hB6Jmf%2BaO6rI%2FGpFaEmWvgJGMAEUYPLBK85MYAh8XLsWz8TjZ9umOC1fevpIDQE4aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8da9e00b69-OSL
content-encoding: br
|
|
| flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource= | 104.21.19.111 | 200 OK | 417 B |
URL (User Request): GET HTTP/2 flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=; IP: 104.21.19.111:443
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: HTML document, ASCII text, with very long lines (456), with no line terminators
Hash: 5186ad3b20dea9c7b029bf8652580330 6b099aa0b693f334a52fd2b6baa5d8cc1543de18 a2825203be6baf062c5257ff3f33408cb95e977f40242da719ff276cb71d005c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 21:52:47 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0N%2Bu0Tn2ijXmjVgsNqdCau9H9d5gQYsNRRvZs%2FQD20qTIXS5GWTX%2FvCQ9O%2F9BAWLxIK5PHfbmJJGpNDrLsANRsC65taBhMZFzKRfNsP5%2FTs0g4wGbxqSjk3zAykdKsy71smxaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db3d8878a056cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-5c2cfe2f.js | 104.21.19.111 | 200 OK | 6.1 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-5c2cfe2f.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (6412), with no line terminators
Hash: 04dd0557e174d7af20aedf066f6090f1 e29ddf8f5c47aa621ecc05dbec82db786a9f8282 a13d33bccb559f8b859c0ffae80398d2e3312b0c47e79fbec4f7dd8619ac32e5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-5c2cfe2f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-0b0bf188.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6097
access-control-allow-origin: *
etag: W/"6630d038-17d1"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoO%2BxMgfHJs96M50P0ezNmkd4hbTAijAjb3QH%2Fji%2BYsuZMDgIuG0rtYAB%2BNE2BrUo6vhwUH4SJT6xVkLv8jXDrzPl02ejumkUb7KfXWRp1Ni8%2BjZohwew8vpJHgNDKKVvh4IIwdsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d90ecb20b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-a4d1bde7.js | 104.21.19.111 | 200 OK | 616 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-a4d1bde7.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (636), with no line terminators
Hash: d64c13ef8009002b5acd79f4a90c7cd1 68dfd81e5e5543166f4855b3f26001601ff20861 60858ca0dc0ac6d0cbe762fd28432b53b4832135668792a07932e5d269ef59ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-a4d1bde7.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6630d038-269"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqolbZf5rSd%2BlJpWAqec5UjAi%2FENOz111tj3IqGcJANbv2UCqRX4Xo6r0TtqaX%2BXajewbFZSgBEk7N%2FFXkW25FFjt53KlKmJuu2S%2F%2FIj0uro4J9ZcbGaVrt8TBdvtKs1VV3xGnxPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d921df80b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-cb0a5a8f.js | 104.21.19.111 | 200 OK | 779 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-cb0a5a8f.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (821), with no line terminators
Hash: f058ffd65de848c85f1c8530f12b2662 e9c93ba580d348525c24b3151dec389e0024c8d0 3dd776711e35db679c1de366efe262f6de9027e36aa19f5703e797a8183f3169
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-cb0a5a8f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6630d038-30c"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oB6LD5Uju%2BRo8BpQ6InLQzOI1Wwh3%2FqZrOCzn3HnLf5M0cwE5lBiMxpUx6ULCAMz1L2Rh7cyyrBeUs%2Freww62Yx9oG7Bk2bXzOdAVpL1yfjFECfI2TOD6%2BeJFEY2014piuBP2btYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d921df60b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-b2285d0c.js | 104.21.19.111 | 200 OK | 418 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-b2285d0c.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (440), with no line terminators
Hash: 85588ca35855f6b2ae9286b7196feeae bf251e5fd48bb9b6c73edb97db4c4a836716cc2e d6b4dba6dff1850017bd0192679ea50a68d766afe6a3ffb9857082a46315e45a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-b2285d0c.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"6630d038-1a3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QVmyjbIZ2O5K4Lw93daefJhpPophmiRvAhrefWRCr99G8PG%2BLFZNhM39aKvaXp%2B%2BSDTOh%2B9MTAzyNS5MadPak0D1sO9ULMzVit%2FUoa7wtUWvYiF7Sl%2BkKx1rLIMhfxMLzRWiNQ7cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8d99ce0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-cecfe82c.js | 104.21.19.111 | 200 OK | 3.2 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-cecfe82c.js; IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (3246), with no line terminators
Hash: baeaddeb391232a249395c13f7f379b5 3e1199f529c869f163ccaa0354c043190453dda3 ac234644125deb03f142d4cf9dc6d234551a5f3f00bfb7875eaa7ed037971b12
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-cecfe82c.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d9848c4e.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3167
access-control-allow-origin: *
etag: W/"6630d038-c5f"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6M87wyqlZnxojVpmkSp%2BbxV01ISQC6opKwQi6ctdKIYxBLYDSxksAyybfWdF68tNUNB09PIAjkcvPYwRZuOd5mIh729ev4jFljI9C7gpin7pWa7%2Fa7Tfy6cKcpBoTPxMzXnZWc8igg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 87db3d8d89c30b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-9b82fb7e.js | 104.21.19.111 | 200 OK | 4.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-9b82fb7e.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (5067), with no line terminators
Hash: d6a5fd5adbf8c12b0cca48ec179c49a3 a209a4cb9020c5233beaf96ea3aa33d6de7ed3b2 448378f8afda38d2a252bc2c362707b7ceb0ecbf724768ff2de171bdb535fc6a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-9b82fb7e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6630d038-12ba"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUYp8k107CQEzCfBS1RJONM7CXoioGZEEUZTp371cxqYo%2B0NrkECSxtT7O53hX09r6UcUMD2hB6Jmf%2BaO6rI%2FGpFaEmWvgJGMAEUYPLBK85MYAh8XLsWz8TjZ9umOC1fevpIDQE4aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d8d89ca0b69-OSL
content-encoding: br
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700 | 216.58.207.234 | 200 OK | 8.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP: 216.58.207.234:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (8956), with no line terminators
Hash: 91804c0df51e58b0bf469561e1ac2732 cc5a9023e310b49ef8f8ae32bb89ea774fe116ec 8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa
GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 21:52:48 GMT
date: Thu, 02 May 2024 21:52:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-4f383950.js | 104.21.19.111 | 200 OK | 561 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-4f383950.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (583), with no line terminators
Hash: ecfa1edea2124a26c0eebe13301df934 7daea65038b70ae4169779de3cb9b371958118fd c6229eac3f5dffc7af687347ae6e6768c08e8c91c6f1101cec7a31110508c327
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-4f383950.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"6630d038-232"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ci6pFPdqu6vera3XCfB9jLUhGQXnyvXzxwdAm9CHYDHOFVgKWkDZvceenLC3pEjH6V%2BSaO7ceiQJvveMw8KMFMrNFKbt%2FtaWmGFUqpFulzsAzjDuQnMkUKb%2BRSpfSj8AsHdIeeqKHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d90ac690b69-OSL
content-encoding: br
|
|
| flaredownload.com/favicon.ico | 104.21.19.111 | 200 OK | 4.3 kB |
URL: GET HTTP/3 flaredownload.com/favicon.ico
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash: 1ba2ae710d927f13d483fd5d1e548c9b c0605efed936ee2600284e6480521d06fa64f872 db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 08:04:59 GMT
etag: W/"65016d2b-10be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2w70x4XLMdTDi2VYKshyW6PDGMi5k0kKLe2F20us54Ifqd5BWHODR%2BAeGKVDtwLPPk46vFvcfuQwIfBSrlbKCBWzrbCIrI%2BdLCDaxf5GQ9xcqAeffdvs6FKkcTThHnq2pYyyVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87db3d8d09690b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com | 188.114.97.1 | 200 OK | 8.1 kB |
URL: GET HTTP/2 secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com
IP: 188.114.97.1:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Let's Encrypt; Subject: secureanalytic.com; Fingerprint: E8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63; Validity: Fri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT
File type: JavaScript source, ASCII text, with very long lines (8385), with no line terminators
Hash: b45c7286594795de3b392f6f8942604d 51239b08544394e811b8fdcc3bdc1df3832256e5 d1cfecd1075f9a9eea50304717a1fbd7cf2601c2d2bc80c698d4136846fdbef7
GET /scripts/push/script/02eyoyxdkz?url=flaredownload.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: EXPIRED
last-modified: Thu, 02 May 2024 15:26:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04W85ro8%2BoeEA%2F9tmLYvPpwxpTtVvQ9rNjJU%2BsoZk59jcXqnKlYt636MJOa60NkhfVKEd3DO6mWgRSeWMzQpuAiTk7W3ZSG3oOn6InaREPXcLR3UNC4H47S9G7uqgy%2F06pdiDfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db3d8e4a64b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-02495a6a.js | 104.21.19.111 | 200 OK | 426 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-02495a6a.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (456), with no line terminators
Hash: 047d44e23ee756a959c50f65e5bf1d4f a53215ab0671ad9f389e32edcaf078174e430df1 da2d8aaffaf9e40b0b9107dc66ef091b6fd4b24074e9789015e1bd2bf7ed5a0d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-02495a6a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6630d038-1ab"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwLv7JDegq%2FdfSocntJubC3iSev7UDEkKf1GVNSHBAFCEhLv%2Fje6GcLZuHlDF6IZAyiWwwCvgHt2twbdSoMKlfnb9KxOnCZjC%2BZvixY4DR%2FaRLBx%2BnshocHK8ZFpfxfbRmmS7lExnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87db3d90ac6c0b69-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-b2285d0c.js | 104.21.19.111 | 200 OK | 418 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-b2285d0c.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now?&subid=8f9683bc-1ffa-4450-95a2-62ca40531570&networkid=200347&publisher=4a8c9935&isNewTr=1&stream=&subsource=
Certificate: Issuer: Google Trust Services LLC; Subject: flaredownload.com; Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (440), with no line terminators
Hash: 85588ca35855f6b2ae9286b7196feeae bf251e5fd48bb9b6c73edb97db4c4a836716cc2e d6b4dba6dff1850017bd0192679ea50a68d766afe6a3ffb9857082a46315e45a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-b2285d0c.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-9b82fb7e.js
Cookie: visitInfo::6573=c5081eb4f71b3e83a40f29fac1124e037f56902dab686688b93b637c8b4795bca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227cb763c0bfc785466b79c98c35a44c5f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%224a8c9935%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%228f9683bc-1ffa-4450-95a2-62ca40531570%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 21:52:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"6630d038-1a3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QVmyjbIZ2O5K4Lw93daefJhpPophmiRvAhrefWRCr99G8PG%2BLFZNhM39aKvaXp%2B%2BSDTOh%2B9MTAzyNS5MadPak0D1sO9ULMzVit%2FUoa7wtUWvYiF7Sl%2BkKx1rLIMhfxMLzRWiNQ7cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87db3d8e0a3f0b69-OSL
content-encoding: br
|
|