Report - get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=

Report Overview

Submitted URL
get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-10 13:57:17
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
secureanalytic.com	13422	2019-05-02	2015-12-31	2023-06-09	449 B	8.8 kB	172.64.129.12
cdn.content-loads.com	unknown	2022-06-04	2022-06-05	2023-06-09	7.0 kB	726 kB	104.26.8.128
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-10	1.3 kB	2.8 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-10	427 B	48 kB	142.250.74.40
get-booksnow.com	unknown	2023-05-22	2023-05-22	2023-06-10	2.0 kB	27 kB	188.114.96.1
event.secureanalytic.com	30491	2019-05-02	2021-07-14	2023-06-09	1.1 kB	2.4 kB	172.64.129.12
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-10	452 B	9.1 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-10	medium	get-booksnow.com
2023-06-10	medium	get-booksnow.com

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=	429 B	2023-06-10	2023-06-10
Pretty URL get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-10 15:57:18 Last Seen2023-06-10 15:57:18 Times Seen1 Hash da5d7c0eef0334bc942bfab2e3d10a78 0399fe813b1e069c7efe2629c176b1757ac5e974 29413c1039eb31089cc09cef4c9d794ad82b2253eba34983f347f8f23bebe75e Loading...

	www.googletagmanager.com/gtag/js?id=UA-195162716-6	123 kB	2023-06-10	2023-06-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-195162716-6 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 15:57:18 Last Seen2023-06-10 15:57:18 Times Seen2 Hash 1fb1847110224f159f14fe0f1a1285d8 348d6dcbf281eb160eb5cc75180dfdf65d03b54f 8f2ad3cf6d709ea9d936a024ca33065e4ac5f0cecbe456b3802bbbdf8d2aa259 Loading...

	secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com	7.4 kB	2023-05-23	2023-07-01
Pretty URL secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com IP 172.64.129.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 22:14:15 Last Seen2023-07-01 19:16:48 Times Seen106 Hash 7a2e21065e05ac8b55c236b9e55d0c7e 271d62306e25824e1fe2041f97fd802aa6090ebc 4fe8bb210e9722eac6b288b9e80adbc2f2f1a8e174ed498934846412db04446c Loading...

	get-booksnow.com/en_us/sandbox%20eval%20code	147 B	2023-04-11	2024-04-24
Pretty URL get-booksnow.com/en_us/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-24 19:30:01 Times Seen341840 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-24 19:30:01 Times Seen341344 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=	2.0 kB	2023-04-30	2023-06-10
Pretty URL get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-30 23:01:05 Last Seen2023-06-10 15:57:49 Times Seen45 Hash e24d84d599ca6d5b0c7fb75ff579ecda 44451b39f9e159e4c5b8e45bf6c9b85455c50915 d6f81be735fbeacc2e25a0deffecc3dc33c27aa1cc0fafcb257419772ec644e4 Loading...

	get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=	183 B	2023-03-14	2024-01-17
Pretty URL get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 12:38:35 Last Seen2024-01-17 03:58:08 Times Seen155 Hash a4d02dd1a806270c6bf533d2ab59dfda 0852b38cc228388b07905ce721a53c4f3b08df58 47aeeb06abc2726e474f5abc826c0bc8f0e0b96f28b05b62ef55533c13a60353 Loading...

	cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js	520 kB	2023-03-07	2023-09-16
Pretty URL cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js IP 104.26.8.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:53 Last Seen2023-09-16 19:20:39 Times Seen498 Hash 6006858cfd4c396a31a8d95f1fa68b0a 7f29df7d9050fbf512a136e46a9d568cc2a42951 6e654ebb898c8c46e71a40bda430b69e4c2d402e4dd336d1bbea37a677ea9e4a Loading...

	cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js	48 kB	2023-05-25	2023-06-27
Pretty URL cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js IP 104.26.8.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 19:31:48 Last Seen2023-06-27 20:40:33 Times Seen224 Hash 98a573651d8ed656278bde024edae5ed 7ab07f7e47391a544ba4e272e2f867f8fd23bdae 281dcbb9b8bacb9502b78fa3dc69b7e1282757b645d495a5ebc09ccf8e2611d0 Loading...

	cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js	213 B	2023-03-12	2024-03-24
Pretty URL cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js IP 104.26.8.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:31:43 Last Seen2024-03-24 01:00:26 Times Seen373 Hash d3f41fa37fd73a2d6994ed4cb74ab103 dc3a21ae0bbf1c7e9211ea659b0b49517ff0f9b9 24fb42315d0ae1815b03842655cb8c712a1237ebaa3e93b14997704e4bdca2e2 Loading...

	get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=	542 B	2023-03-07	2024-03-24
Pretty URL get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:48:53 Last Seen2024-03-24 01:00:26 Times Seen529 Hash 2878eea34ecd1bcff175ecd73f4c0eea 2e69be47859c2496f178950cd25f668b41e18167 14630d12211d09130f90b452aaa27d07ea6dbe73584e8529cdff9a3f40495a93 Loading...

	get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=	246 B	2023-03-07	2024-03-24
Pretty URL get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:48:53 Last Seen2024-03-24 01:00:26 Times Seen528 Hash 6211245c2e190e164fbc2beab42fde6b 073ee461a80c355706c32609b3ae45e8f2571453 3059d689779a9543212f00bb46608e519d2c6a2d049521207f0c0bc43627a848 Loading...

HTTP Transactions (25)

URL IP Response Size

cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-success-img.png

104.26.8.128

200 OK

5.5 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-success-img.png
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 225 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5532 bytes)
Hash
d4e9852797d8344d7cf548f0e995b3f9
24d735802263b5a4e213808f063768c2cab64526
df5b88dcdde24064831192cf91da1261929edd43ccd2109c9f48a657b6347dca

HTTP Headers

GET /prod/landings/assets/layout28/layout28/images/common/card-success-img.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: image/png
content-length: 5532
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
etag: "6482f0f4-159c"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ6t83E6Z0qhl1smW4VUNEeoM7r5fAKqQ063gvp6DkiS4Ep3rO2hDnl8XrN8e%2F9fUYZ6bFfng1RyynSObRDoDanZUkcb3d3Ir3YhVhKEVJUzeNQmAIYbjOC724d1MqsMeub7MPu1pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4997cb505-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-declined-img.png

104.26.8.128

200 OK

5.6 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-declined-img.png
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 225 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5580 bytes)
Hash
78b2d1575168ed90d031a3dca86563ca
b1b24b07ae83ec93b2e0f224973053abaa8c7acc
a8b45a0089c9ee6f6e4afd93b2468f0e2b6e970d02745747ebc93440e6baacc1

HTTP Headers

GET /prod/landings/assets/layout28/layout28/images/common/card-declined-img.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: image/png
content-length: 5580
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
etag: "6482f0f4-15cc"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uW4onPyjC0mtgdkWYR4EXb1HivOrQOG1gW4fvXYTRwTABA5xjafgPM86%2Bon4xG8RweNc7lQNsdO9mEY%2B4cAVx9XHScUTzG8Mk7MraJINwJamm%2FYm7AM%2FEcSpX4scE1kb99yY5POW7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4997eb505-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/email-existed-img.png

104.26.8.128

200 OK

6.0 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/email-existed-img.png
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 225 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (6014 bytes)
Hash
51655898e6c2520a08a65e0eef729ea5
d05f1470dca9a5ef27bfa1f78db4b8ec569d9047
8f1ad81b346d3ee6d36229c7542e9bbd051e58de0c434b7f97cd01bddcd9d678

HTTP Headers

GET /prod/landings/assets/layout28/layout28/images/common/email-existed-img.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: image/png
content-length: 6014
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
etag: "6482f0f4-177e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOIin9NtNlztfRwlkkXQ1%2BnIIBUWULd03uMeKnvM7pr7RJqnc7w%2FD7RYMqM6LhTAP4PY8yVtpjWcOP2thareoPDdcVtRpQflGEaf1iOJkkw3h212vtgnnKYGCFVCRB034zJZnHNfdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4997fb505-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/18e8c55ad549933e62ee40b8c7adbdd0.png

104.26.8.128

200 OK

3.2 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/18e8c55ad549933e62ee40b8c7adbdd0.png
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
3.2 kB (3235 bytes)
Hash
18e8c55ad549933e62ee40b8c7adbdd0
f7bc824a4c70a4babc07b21fcbd413885128e92e
69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520

HTTP Headers

GET /prod/landings/en_us/unlock-content-now/images/18e8c55ad549933e62ee40b8c7adbdd0.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: image/png
content-length: 3235
last-modified: Fri, 14 Apr 2023 12:58:23 GMT
etag: "64394def-ca3"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M0k39Vymy3jjB6PUcH8qsOAasVvlSyFHof4fKRJKwVSOXjloeAefJQaH5lxrbcfrJTj7ZwMxAGmnIy0iVyAKySimxmEbC1rsD0HzxUKd%2BVO64wvaC42tsRYrZNvLmFO7%2FaBD%2FRXVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4997ab505-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/2f40fa92fce11c340f70807da03ac0b2.png

104.26.8.128

200 OK

971 B

URL GET HTTP/2
cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/2f40fa92fce11c340f70807da03ac0b2.png
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 111 x 75, 8-bit colormap, non-interlaced\012- data
Size
971 B (971 bytes)
Hash
2f40fa92fce11c340f70807da03ac0b2
89ef777357b185dee8937a3da0983f39f156fb10
44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794

HTTP Headers

GET /prod/landings/en_us/unlock-content-now/images/2f40fa92fce11c340f70807da03ac0b2.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: image/png
content-length: 971
last-modified: Fri, 14 Apr 2023 12:58:23 GMT
etag: "64394def-3cb"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdJFzjZVytFmXmfqAnDQe1mqwG7Z5lhR9DiUEeM9UqE%2B%2BRLSnq8RkW6AhamfyqPC%2F%2BLGYecQ0D7oHVyj%2FHnTjg2GuSjNfR2ni6w7KOHjxHeuT9dbH8tvnQcZ6BwM48pftSxWAeXR0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4997bb505-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a76ed3f9e8dce63de25d8ca587e2e0b
d6eca26adeed01d3e95c752b62b3884ec3f2511a
18af8bf760a0f7e0d7ebd251b851a86e2c55300aa66e5dafe1be71d8c323a959

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 13:57:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-195162716-6

142.250.74.40

200 OK

48 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-195162716-6
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
ASCII text, with very long lines (2271)
Size
48 kB (47576 bytes)
Hash
1fb1847110224f159f14fe0f1a1285d8
348d6dcbf281eb160eb5cc75180dfdf65d03b54f
8f2ad3cf6d709ea9d936a024ca33065e4ac5f0cecbe456b3802bbbdf8d2aa259

HTTP Headers

GET /gtag/js?id=UA-195162716-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Jun 2023 13:57:00 GMT
expires: Sat, 10 Jun 2023 13:57:00 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Jun 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
039bd5f5536d1b489d46e52d9cd5a21e
88770d7c23bb9aefa7d8fad6262332c0a682a0d3
6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 13:57:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a76ed3f9e8dce63de25d8ca587e2e0b
d6eca26adeed01d3e95c752b62b3884ec3f2511a
18af8bf760a0f7e0d7ebd251b851a86e2c55300aa66e5dafe1be71d8c323a959

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 13:57:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
039bd5f5536d1b489d46e52d9cd5a21e
88770d7c23bb9aefa7d8fad6262332c0a682a0d3
6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 13:57:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-600.woff2

104.26.8.128

200 OK

8.0 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-600.woff2
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7988, version 1.0\012- data
Size
8.0 kB (7988 bytes)
Hash
087457026965f98466618a478c4b1b07
00b024ccb35e3694de662d180d6ea7f56de6d654
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

HTTP Headers

GET /prod/landings/assets/layout28/layout28/fonts/poppins/poppins-600.woff2 HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.content-loads.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: application/octet-stream
content-length: 7988
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
etag: "6482f0f4-1f34"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lebchMOkm%2B1M78D2JTVrcOpveLg9yKDm2ammfsC9mfVhvCLv4Ulmp0iXuRFvBY0SgvmE0YRKPMAEyM79mPIk%2BwAHZBWt17emTxuQcT1oUd8kC%2FcQaYkMewE0%2FRY8Q9d49mBlPxq%2FYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef8be6eb505-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-regular.woff2

104.26.8.128

200 OK

7.9 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-regular.woff2
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

HTTP Headers

GET /prod/landings/assets/layout28/layout28/fonts/poppins/poppins-regular.woff2 HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.content-loads.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: application/octet-stream
content-length: 7900
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
etag: "6482f0f4-1edc"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQoovarVpRr9KI3W9h09Kk4KEMcSXHvMT381RS9cs96xKtaI0ZyNFiUXvH%2Fq2XbxMPQSWW7%2F1NzjxOpgjCeKEO5y9lKxVfYLYKYDWwxr3t%2BtNgIOGNTumbP0BcDLLzUHKvR4n%2BCu4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef8be7db505-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png

104.26.8.128

200 OK

9.2 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/en_us/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9232 bytes)
Hash
f4a32eb2e5f203dab4882f7b7581b06e
8d51933205a3ed27c2c6bd0182142d6f8432d929
83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e

HTTP Headers

GET /prod/landings/en_us/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:01 GMT
content-type: image/png
content-length: 9232
last-modified: Fri, 14 Apr 2023 12:58:23 GMT
etag: "64394def-2410"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjZP%2FAcTPhxOiBlMeTQFhXdrYDsPGDmTAqaIlUWmGRqqnJ4gBHiE8W5g96T3ql4t6UbpBshkQbJn8AF0hb3KcQe7z37j7BqGXr7csU4x7T35qaG4bHkeDEN7k2NHFBzqtZrgXyDKkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521efa9905b505-OSL
X-Firefox-Spdy: h2

get-booksnow.com/lead/prefill

188.114.96.1

200 OK

9.3 kB

URL POST HTTP/3
get-booksnow.com/lead/prefill
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerGoogle Trust Services LLC
Subjectget-booksnow.com
FingerprintD3:F2:00:5F:1A:56:F7:60:DA:74:17:49:41:5B:22:78:76:23:1D:9C
ValidityMon, 22 May 2023 08:55:00 GMT - Sun, 20 Aug 2023 08:54:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
9.3 kB (9293 bytes)
Hash
469b4dc67eee4f13496c7ba2715efb9f
96bd09b7e53a9fea666b2e54004cf249d4bd4e17
58a8c78e450324ab7e738926547a4fefe1a2d59801c07d7c96ba6e48c53d248b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /lead/prefill HTTP/1.1
Host: get-booksnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
sentry-trace: fc2ad05633c64616963b4e663426f852-adf6de29ebf751b9-0
Content-Length: 65
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Cookie: product=0e3982bd1559d08e8610f056adf761fde2bcc64dca58a4af5e6a8c0c5056df52a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22product%22%3Bi%3A1%3Ba%3A1%3A%7Bs%3A9%3A%22productId%22%3Bi%3A1%3B%7D%7D; visitInfo::6573=6c203cb4b751e9161829ddcf62d90003070777e9ff6a4868f99a9afd970956b2a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22d5bc4d1e20bed21642c9bb10cd875f9e%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%22447fc4d7%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b51c36a7-2b1b-4680-9c5f-47fb36753197%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 10 Jun 2023 13:57:01 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy9AjHCgPDf4goGzhdWZSl%2FmsJ4W6rwt%2FLoTKsj8gAR8mBDcHt6lVCgdzcUYZv69KLMaWa%2BSkBC0ubs3e6parjhQgwVSUCiJP7ytow3AtHny%2FzZfGETDdvgCO5raEki0XzN6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d521ef94cafb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

event.secureanalytic.com/register/event_log/w6g0q907e9

172.64.129.12

200 OK

0 B

URL OPTIONS HTTP/2
event.secureanalytic.com/register/event_log/w6g0q907e9
IP
172.64.129.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
Fingerprint78:6B:AF:02:E6:AC:5E:05:5E:BE:23:A3:64:95:13:99:68:93:2C:6A
ValidityThu, 08 Jun 2023 08:18:07 GMT - Wed, 06 Sep 2023 08:18:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /register/event_log/w6g0q907e9 HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://get-booksnow.com/
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:01 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://get-booksnow.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpTUk%2BOs0Bg37WcYWkd4wjkf1wjZyvQUYFHJrgFYqvcDVBdzDaOJ65f9bNoAtxkliFwLBt33JRH2%2FRNyymke3UvSM7ry5Z43y89T1hN3HWmy3Q3pRTN%2Fu2cWQKfwKcUHiJoKMP0Ie5mbwug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d521efa6f7d76d1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

event.secureanalytic.com/register/event_log/w6g0q907e9

172.64.129.12

200 OK

0 B

URL OPTIONS HTTP/2
event.secureanalytic.com/register/event_log/w6g0q907e9
IP
172.64.129.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
Fingerprint78:6B:AF:02:E6:AC:5E:05:5E:BE:23:A3:64:95:13:99:68:93:2C:6A
ValidityThu, 08 Jun 2023 08:18:07 GMT - Wed, 06 Sep 2023 08:18:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /register/event_log/w6g0q907e9 HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://get-booksnow.com/
Content-type: application/json
Content-Length: 103
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:01 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params: 
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://get-booksnow.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xtKcOwymYhSiyLLBkskPBUwi3TP9yVUB3coHUBQ543F4DOeAO1ABXtHQzLxbqVRtDgWsPymmFrISDZ2a3qXKwZV39opdBDsnAyTHHxw2EvLuwaqL6zORKSKE3oRkpDOnxF8%2FGU%2BQPj2NjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d521efca9c276d1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css

104.26.8.128

200 OK

10 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10341), with no line terminators
Size
10 kB (10341 bytes)
Hash
14f4c0a782ff9168b6227eae3dc84a7c
99e95a13d6e88454aad7220e40624d4e03a76d4b
1eaee480993414a7e5efd302d2ba98922b0d8e7372c8484dcfa7b25094290fe9

HTTP Headers

GET /prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=12876
etag: W/"6482f0f4-324c"
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZpb4MTCLFnU7zd%2BWtK1WrEgrxHAmUUHGtZToGFTnO8ElEXbez%2F%2FPsoUJmztPIWU%2FUSoaAElzWgH4nteuOAZMZk9sd59DeUFfipRXSMMlT1i3pNUy37WwraVgiYFLobMec4a%2FLAs%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4998ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2

get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=

188.114.96.1

200 OK

16 kB

URL User Request GET HTTP/2
get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectget-booksnow.com
FingerprintD3:F2:00:5F:1A:56:F7:60:DA:74:17:49:41:5B:22:78:76:23:1D:9C
ValidityMon, 22 May 2023 08:55:00 GMT - Sun, 20 Aug 2023 08:54:59 GMT

File type

Size
16 kB (16187 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream= HTTP/1.1
Host: get-booksnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:56:59 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
set-cookie: product=0e3982bd1559d08e8610f056adf761fde2bcc64dca58a4af5e6a8c0c5056df52a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22product%22%3Bi%3A1%3Ba%3A1%3A%7Bs%3A9%3A%22productId%22%3Bi%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
visitInfo::6573=6c203cb4b751e9161829ddcf62d90003070777e9ff6a4868f99a9afd970956b2a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6573%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22d5bc4d1e20bed21642c9bb10cd875f9e%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%22447fc4d7%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b51c36a7-2b1b-4680-9c5f-47fb36753197%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CgeT1Xkj86XVZu5%2FvcS5gKfylG2mtbNnp61hSGUNQr6MOFy7aNxFzUgYBugoWRloIqeY7FXUzh2OLufNGVYlrZXvzxw9wPlLZ5ZyNW5yC7TZRs8gcribt3JsfAHDumS03sY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d521ef11da4b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/layout/layout.css

104.26.8.128

200 OK

17 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/layout/layout.css
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17127), with no line terminators
Size
17 kB (17127 bytes)
Hash
6932a277e3f07190fc62f6ac753ff531
b873571caca4fab4446fb33cd8ecde960e2d8d4e
4fc50938e4bef1d68564cc70be5cbdcf83999fe2b6a53a7e7d10c1f287702212

HTTP Headers

GET /prod/landings/assets/layout28/layout28/styles/layout/layout.css HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=22385
etag: W/"6482f0f4-5771"
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLM3HpBSoR18yfX53%2Bd8ywoSBNDHCj8qQ1MAR1OwrFvxBYinUqNbWtUGT3VVnnqE3nRxE%2BHwJxOqs8kl92477Fv%2B8cf11O96U8gOifNN2hJqY8Sf4OzY84%2Frust6g1sL1DtrY%2Bpl8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4998db505-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/main/styles.css

104.26.8.128

200 OK

75 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/main/styles.css
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65328)
Size
75 kB (74798 bytes)
Hash
baddaf70bd6882c3686cc7a56c39d9fa
1f59bcf33a3a1a1b261aae82df88df442519b27d
e3e16c2155413ea674b0dc5c15ff92ef57aba3abfa0ea34673e7cf4c33d12647

HTTP Headers

GET /prod/landings/assets/layout28/layout28/styles/main/styles.css HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=96829
etag: W/"6482f0f4-17a3d"
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZ34snw9%2BnTBO%2BytX6RSp1zRLbxapQTsv6kp27MzL4VpF2qqWXhfqeOPQKwe4n14s1wRULH5wsaFp%2Fgf6Kp8Uae%2B2JloWqLxYJL9NNtXbm%2FflVKSgLsGvlRY3Oeihwt2WzTms2vNvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef48979b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js

104.26.8.128

200 OK

520 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type

Size
520 kB (519854 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /prod/landings/assets/common/common/dist/vendors.js HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=519858
etag: W/"6482f0f8-7eeb2"
last-modified: Fri, 09 Jun 2023 09:29:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6456
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBfWAVPHpniczK9%2Bmr3p8u7dEodhfJH4wiLLzm9sDN72Zaw%2FLRZp6FU8ReJnvGZ60TeLSxTlVpIVW11u8t62BghnJqrQsn495k7nLTdlNbyfOJ5MlKUH7LX1al%2FYvLmEYcbi5zzsvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4a997b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.106

200 OK

8.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (8716), with no line terminators
Size
8.5 kB (8492 bytes)
Hash
1303310bf811cbabe52e473a56247b05
76a5d89fcefb4e769642a6636f439f3f03833429
ccc9d8c0b923b1470e8ddb0309ed98c9419fd7abb32ead3c0dcebbc30ea84778

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.content-loads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Jun 2023 13:57:00 GMT
date: Sat, 10 Jun 2023 13:57:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com

172.64.129.12

200 OK

7.4 kB

URL GET HTTP/2
secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com
IP
172.64.129.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
Fingerprint78:6B:AF:02:E6:AC:5E:05:5E:BE:23:A3:64:95:13:99:68:93:2C:6A
ValidityThu, 08 Jun 2023 08:18:07 GMT - Wed, 06 Sep 2023 08:18:06 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (7566), with no line terminators
Size
7.4 kB (7354 bytes)
Hash
e2583caaa4d5e0e58ccc3b9da81db98d
a0bdaa250011f51c8ac3594e8d58fb2a050976ec
a208c4edbec94593486c5dbe69fa9639ea25dba946d8d3421b9b664a8e0f79e1

HTTP Headers

GET /scripts/push/script/02eyoyxdkz?url=get-booksnow.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:01 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: HIT
age: 3057
last-modified: Sat, 10 Jun 2023 13:06:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8y0PcGKwa%2FmHIRevVucmdpl0KFc06ZFeo7gFbDMp7x53fi5e7LzDi7gFFU8Y%2FLmwaFLFr%2BFbnINti743loLeVa%2FQSHrIr%2Bw4iCdoe4e%2BDOtDginWZo7hMDchA0rEcdipLgxFTM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d521ef94f3e769e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js

104.26.8.128

200 OK

213 B

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
213 B (213 bytes)
Hash
1685abab05914f7a17388aedbd2f2d8c
b3a0a82c0ad6b940dd4f04c2536afafaf606c8c9
bd93716b19b202c539de7574e070cc724df3a945536b1b4a8c8654b85a2f56a6

HTTP Headers

GET /prod/landings/assets/layout28/layout28/js/scripts.js HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=279
etag: W/"6482f0f4-117"
last-modified: Fri, 09 Jun 2023 09:29:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiXtqPkHdLvfCK2FzMrGIfO0Pl4thLcKocv8%2FuQcnSy3vQnRiNkC9t6uTncSJA9hbcCvLdq%2FykmPWvWCRLRnytXdEGVE63NNZnm8ZiIqWqWEyPIcV29M7zPBH72CatTVz%2Flc9F59fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4a999b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js

104.26.8.128

200 OK

48 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js
IP
104.26.8.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/en_us/unlock-content-now?&subid=b51c36a7-2b1b-4680-9c5f-47fb36753197&networkid=200347&publisher=447fc4d7&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (47555), with no line terminators
Size
48 kB (47555 bytes)
Hash
98a573651d8ed656278bde024edae5ed
7ab07f7e47391a544ba4e272e2f867f8fd23bdae
281dcbb9b8bacb9502b78fa3dc69b7e1282757b645d495a5ebc09ccf8e2611d0

HTTP Headers

GET /prod/landings/assets/common/common/dist/bundle.js HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:57:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
etag: W/"6482f0f8-b9c3"
last-modified: Fri, 09 Jun 2023 09:29:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOx2u0C1keJmQhVp71RkDlX4scmryTOFGkMcx6ETs3bOCMDdoBazkXdqqLYTsWRHGO8xf%2Buh9P8FyE5HESptkmi9uxcqVVLH%2FJMpSA9OCKfTQ51wma92wUSAp%2FGZABS1XqyzrtVLDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d521ef4a99ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML