Report - nativebookpdf.com/download/4940626-Breakthrough%20Advertising

Report Overview

Visited public
2025-06-02 07:10:24
Tags
URL
nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Finishing URL
nativebookpdf.com/download/4940626-Breakthrough%20Advertising
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
shotgunchancecruel.com	unknown	2024-08-20	2025-01-25	2025-05-26	7.9 kB	12 kB	192.243.61.227
recordedthereby.com	unknown	2024-05-08	2024-05-08	2025-05-26	832 B	172 kB	185.196.197.71
unseenreport.com	unknown	2022-03-30	2022-03-30	2025-05-29	1.5 kB	992 B	192.243.61.227
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-28	1.1 kB	82 kB	142.250.74.35
nativebookpdf.com	unknown	unknown	No data	No data	5.9 kB	491 kB	104.21.64.1
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-28	430 B	17 kB	142.250.74.10
experttrafficcounter.com	unknown	2025-01-23	2025-01-24	2025-05-30	1.8 kB	1.7 kB	3.223.89.16
netdna.bootstrapcdn.com	3413	2012-05-25	2012-09-07	2025-05-29	1.0 kB	116 kB	104.18.10.207
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-05-28	969 B	37 kB	104.17.25.14
praystakeinstinct.com	unknown	2024-09-01	2025-06-01	2025-06-01	5.1 kB	28 kB	192.243.59.12
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2025-05-29	1.8 kB	370 kB	45.133.44.1
code.jquery.com	634	2005-12-10	2012-05-21	2025-05-28	426 B	98 kB	151.101.2.137
img.icons8.com	28959	2011-10-04	2017-05-26	2025-05-29	456 B	1.2 kB	185.76.9.12
ts2.mm.bing.net	309838	1997-09-03	2012-06-27	2025-06-01	456 B	40 kB	150.171.27.10
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-05-28	449 B	38 kB	104.18.10.207
cdn.show-sb.com	unknown	2024-08-20	2024-08-31	2025-05-30	492 B	2.0 kB	172.67.170.115
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2025-05-30	430 B	377 B	185.196.197.72
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27	2025-05-29	2.9 kB	185 kB	188.114.97.1
invadedisheartentrail.com	unknown	2024-09-01	2024-10-22	2025-06-02	3.1 kB	14 kB	192.243.61.225
balmyrind.com	unknown	2023-12-21	2023-12-21	2025-05-29	1.8 kB	113 kB	192.243.59.12
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-04-05	2025-05-28	506 B	32 kB	104.18.10.207
wearychallengeraise.com	unknown	2024-08-19	2025-01-23	2025-06-01	3.6 kB	185 kB	192.243.59.12
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-28	438 B	330 kB	142.250.178.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-02	medium	capaciousdrewreligion.com	Sinkholed
2025-06-02	medium	praystakeinstinct.com	Sinkholed
2025-06-01	medium	invadedisheartentrail.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-01	medium	invadedisheartentrail.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-02	medium	recordedthereby.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-02	medium	unseenreport.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-02	medium	recordedthereby.com	Sinkholed
2025-06-01	medium	invadedisheartentrail.com	Sinkholed
2025-06-01	medium	wearychallengeraise.com	Sinkholed
2025-06-01	medium	wearychallengeraise.com	Sinkholed
2025-06-02	medium	praystakeinstinct.com	Sinkholed
2025-06-01	medium	wearychallengeraise.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-02	medium	praystakeinstinct.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-02	medium	praystakeinstinct.com	Sinkholed
2025-06-02	medium	unseenreport.com	Sinkholed
2025-06-01	medium	shotgunchancecruel.com	Sinkholed
2025-06-01	medium	wearychallengeraise.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	From	Size	First Seen	Last Seen
	about:blank	Eval	2.0 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 16e3e52aaed07b227fe8b5c4f7b2ddef 2642c34e7e73c4e82888342beaec1751678e42b3 8c1cf6bda926e571250e832d36d5051ab905680d262ed967fde71d345702081e Loading...

	about:blank	ScriptElement	4.9 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash c9b3399d943300c8ad38924ebe801685 21170d7344b9d3df350c9a2af08b8947964751e9 e913de86e52ba0b85856869ed49b947616f3ed1d0cae2ceff3df84e779874116 Loading...

	cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-06-22
Pretty URL cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/js/jquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-06-22 22:36 Times Seen1501 Hash 6326c600df01e3bfb9b40e1aa08176f8 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-06-23
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-23 03:05 Times Seen6166 Hash c5b5b2fa19bd66ff23211d9f844e0131 791aa054a026bddc0de92bad6cf7a1c6e73713d5 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Loading...

	about:blank	Eval	2.0 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash c9bc63358cdf3dabda5f976a2673f456 bf2c3013c9f379d85655c5efdcd7d9088e7eb161 403a65d14d33fe27498efac9b5dc7217d92634b4cb96ea1469734ed4fdadf2aa Loading...

	about:blank	ScriptElement	145 B	2024-09-29	2025-06-15
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-29 20:45 Last Seen2025-06-15 21:53 Times Seen8 Hash 3252dac047e26550cfb2bde08c992f97 410f6754d8f05370fe4c4e4735eef800f59cfa9b 84fcd8d95d41b050c1d11a35564b0da56359479dce2702c9198613fda485cdb2 Loading...

	about:blank	Eval	2.0 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash dda112882fe0e6786e5e0fbe32769dc5 89c65051b316a3812649ba393cfb410953f87e05 476d0d82768c2749337e3d4ba959a60f3849371eb1adc381ded74a1c929ee687 Loading...

	nativebookpdf.com/download/4940626-Breakthrough%20Advertising	ScriptElement	139 B	2025-03-16	2025-06-02
Pretty URL nativebookpdf.com/download/4940626-Breakthrough%20Advertising IP 104.21.64.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-16 20:22 Last Seen2025-06-02 07:10 Times Seen9 Hash 1e75465b7b52b81d36e8503cdfeab308 8fa98f982a3e4acae2aac97f7272307384ec127f 18c14d3357194adb0b90d2c5544cc55d5b1dc5c91c2dec4fbf37095e2ab6b858 Loading...

	balmyrind.com/51ff4182c7dc364cf35db1076f415e7c/invoke.js	ScriptElement	27 kB	2025-06-02	2025-06-02
Pretty URL balmyrind.com/51ff4182c7dc364cf35db1076f415e7c/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 4f42cb70c20e880b4a3114384a78604c ba454a4f0aca15b8320d13e0a84ed04f33157541 fb61372e7119973c4c700483cb41bb50f1af2d1553bc0c42b0ee241cbb42f277 Loading...

	nativebookpdf.com/download/4940626-Breakthrough%20Advertising	ScriptElement	140 B	2024-09-29	2025-06-15
Pretty URL nativebookpdf.com/download/4940626-Breakthrough%20Advertising IP 104.21.64.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-29 20:45 Last Seen2025-06-15 21:53 Times Seen16 Hash 367b8832a74bc65f03492e3481fca226 fa73580633344b639a0ca1cc3549555c4abe6ace 803ffd6c1c3b50dd6fa8fe1b3abd3e56740a244823a038286aea0b3c357f6a46 Loading...

	wearychallengeraise.com/80/63/88/8063885bd99612ad36eb78b960c7f724.js	ScriptElement	65 kB	2025-06-02	2025-06-02
Pretty URL wearychallengeraise.com/80/63/88/8063885bd99612ad36eb78b960c7f724.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash eede68af935f2876c8ac0666fb8e7f9a 2115d42cd16eb4c928ae9a1d17ecc0cb82b3dc0a f2cadc0785edfaf1834068078242d3b52f66780115b47e17e41d41e17eb7fef7 Loading...

	about:blank	Eval	1.6 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash dd7c2df969552f35c45ba034c2d2671f 5b0a6f089595db82b37e6f67045d4bb56b6def03 2432cc9da968f7904c76f0a072f708696dade23d9a03f599b5b10e84149db57b Loading...

	nativebookpdf.com/download/4940626-Breakthrough%20Advertising	ScriptElement	140 B	2024-09-20	2025-06-02
Pretty URL nativebookpdf.com/download/4940626-Breakthrough%20Advertising IP 104.21.64.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-20 21:34 Last Seen2025-06-02 07:10 Times Seen10 Hash 4d903c7635b5a3dbf26f17beaefa6a54 355f35eb1eb4d999610da277b3a4b6483ed30054 bcbbe7230a94663ac8b0d2f32f773fc7460d679de8e21e597c456c53402b8b06 Loading...

	www.googletagmanager.com/gtag/js?id=G-GHQ1VYP4VS	ScriptElement	329 kB	2025-06-02	2025-06-02
Pretty URL www.googletagmanager.com/gtag/js?id=G-GHQ1VYP4VS IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash e27031716b4fc0b76d76d74e53e960bd bfad427aa5da41811fd463aae1cc19777beda54d 18323112cbb350e92b32a238c6cfd4f841585cb21f70d7ad920feb31925b21f9 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-23
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-23 03:16 Times Seen2026 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	about:blank	ScriptElement	145 B	2024-09-20	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-20 21:34 Last Seen2025-06-02 07:10 Times Seen2 Hash 5fd9fab9f7b31631405652e6227b6a9d 75b7237d552c5d0dde9a0d5f209f1755ab0005b7 8f231715c5338153de44f6679ce7b7e2fd7498a0e3993ad6145c9825f94abced Loading...

	about:blank	ScriptElement	145 B	2025-06-01	2025-06-15
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-01 10:45 Last Seen2025-06-15 21:53 Times Seen6 Hash b2dca756c6ae2369b05fd5bed3273d68 4eac20950eaf0db8b9c1bdd70e82585f85c5e517 df5dd17b7452086cf723cec00a7194459bf9558d24c453351b909cfde5f232a9 Loading...

	about:blank	Eval	2.0 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash a299e48e3d6f705c66761052bf7163a9 f1f1018907524132e62c0c657a2439a4e3c542fd c5f31f0ccf90d756adf8d34a4e7429c7fb13edcfb0630567e3bc562e1c8ec744 Loading...

	nativebookpdf.com/download/4940626-Breakthrough%20Advertising	ScriptElement	139 B	2025-03-16	2025-06-15
Pretty URL nativebookpdf.com/download/4940626-Breakthrough%20Advertising IP 104.21.64.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-16 20:22 Last Seen2025-06-15 21:53 Times Seen14 Hash ae4034fc6ef0e5b096b0b97ef30b165a fd95dade60e5a9973f18bb60bc2d0b9a3193b6df 11ab6e9c05fcef4313629a05a0eb13ceccbb5f7776683a043b687a2355a9ee32 Loading...

	balmyrind.com/c5bb839ff299c2abad7231d4209b59fa/invoke.js	ScriptElement	27 kB	2025-06-02	2025-06-04
Pretty URL balmyrind.com/c5bb839ff299c2abad7231d4209b59fa/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-04 18:40 Times Seen2 Hash aaf7267ba1610aa1ecfe00dab74625d3 1b033a6acad201a76c472f289ff6b88af3836044 c78a9b5e13840c2b390e9bbcc6a5722620ef6a2677dc7c2ed7c6a77be0d6da19 Loading...

	code.jquery.com/jquery-1.12.0.min.js	ScriptElement	97 kB	2023-03-07	2025-06-22
Pretty URL code.jquery.com/jquery-1.12.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-22 16:02 Times Seen2980 Hash cbb11b58473b2d672f4ed53abbb67336 66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-23
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-23 03:16 Times Seen2026 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	about:blank	Eval	1.6 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash d90d339a56e02d87eaa4335f4570c7a3 b64841bbda0f652212ebbe46918835df0efa2d64 0e25188681e8108cfb89f9aaa7077c2c260aad43107aedf75be240651cfa9b44 Loading...

	about:blank	Eval	1.6 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash c3c253dd5ffff587f74105b59e2044c6 261d3ddb1b66d7d5dbb852792a0a890e877a3071 48906a509b555c2f4e4fb7b872c2c9e637d3552ac448c1e1da487eb4ba10873a Loading...

	about:blank	ScriptElement	4.9 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 0420af41e79906fa6597874c00f6f181 ec6b692a7be4d8b27f01b162a714e7317fc157ab 8575cbfae5e55e25f884b2e6c1d34a75522ef3e67b2028611da28458db806f31 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js	ScriptElement	1.3 kB	2023-03-07	2025-06-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-06-23 02:39 Times Seen7258 Hash 4412bf8023109ee9eb1f1f226d391329 c273960aa874a87dd022b5e597887142f1b8e34f d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6 Loading...

	balmyrind.com/67afc2b5ae106f3b8e810cf438915392/invoke.js	ScriptElement	27 kB	2025-06-02	2025-06-02
Pretty URL balmyrind.com/67afc2b5ae106f3b8e810cf438915392/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash f42465ac01895c0512f686e02a60d1fa f22631285a1b721497a27be14a64cac8949485dd c21e78c13b8379cd35987df51e68ed39d6e1f6692fc8431b36dbfa46fcf56b7a Loading...

	nativebookpdf.com/download/4940626-Breakthrough%20Advertising	ScriptElement	153 B	2023-10-31	2025-06-02
Pretty URL nativebookpdf.com/download/4940626-Breakthrough%20Advertising IP 104.21.64.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-31 09:36 Last Seen2025-06-02 07:10 Times Seen6 Hash cffdb3da413a48f4de5f4aedec14dbf1 e67ca823cdd3b884d4a70a990dedae3357045118 dd46c39843fe01a57ea870a5a7d71a6f0be1c87ff1810b9800fefef0aafe6acf Loading...

	about:blank	ScriptElement	145 B	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 066af06cc52807abeef7021efaa6a9d1 9fabdacc9d5c5949d497084879cb25987bd50b8a 7e9b94466a21ae3779bab1b00a283d1728c4a0d5a09272c2b0dec7457e16206f Loading...

	about:blank	Eval	1.6 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 2ae6c0635eddbd7c554f5b0a59dbfc8e 554a8644eac08432d1fa0f18530a7ca932ba2be5 0bdc95590e8423e6310100d93e0b231ee24b6cdcc4217dc3709e7789236613f9 Loading...

	about:blank	ScriptElement	4.9 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 95fc2de7d0b7a9aaebf34a5d8b1ebf1f aaffdf9f56149a25c17203d0b732d7d47375e4b5 010192e3a535fa36a0919c709971d8e9c344c4bb44c03bc5ce84f7bfc5f0b1b0 Loading...

	balmyrind.com/5975c768713903f76e87b8db7dd0be20/invoke.js	ScriptElement	28 kB	2025-06-02	2025-06-02
Pretty URL balmyrind.com/5975c768713903f76e87b8db7dd0be20/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 9b88ac5753154fece24c2ac75843b546 0b61e9b5869302a7e7ef01e767bfe3ddf09412f8 13b97972df88f9502e7e40b1bb27021a1bd9137b0368dd878095119b691faeeb Loading...

	nativebookpdf.com/download/4940626-Breakthrough%20Advertising	ScriptElement	424 B	2025-06-02	2025-06-15
Pretty URL nativebookpdf.com/download/4940626-Breakthrough%20Advertising IP 104.21.64.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-02 07:10 Last Seen2025-06-15 21:53 Times Seen2 Hash 920c8cda2bc56fcf60aeedc3e36342c0 b34d120099447581f7e41778e6e45134031434b5 be0c4d519b7b8a129dc887de98f716c8769af3054e00054b89314c91528c9644 Loading...

	wearychallengeraise.com/79/cf/f3/79cff3ffb119ee9289f2e7e5fe2c0498.js	ScriptElement	104 kB	2025-06-02	2025-06-02
Pretty URL wearychallengeraise.com/79/cf/f3/79cff3ffb119ee9289f2e7e5fe2c0498.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 1f42f184675f80cce69867ee7a3aae04 8e90d75bc98d858c71761c1dbe816098516b2d74 c71aa8649620b896fedf855725728ad1e3d92ad30680bde55d3493194e2aebaf Loading...

	about:blank	ScriptElement	4.9 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 6f23115d502ffc16fd1309973b78bdff 58c21b5d03badad7a7062948871b60288665290a 5cf7a83d95f0db6a5760df823746176c6869d1a9e7559b87d5ba1354406a7a57 Loading...

	about:blank	ScriptElement	8.0 kB	2025-06-02	2025-06-02
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 07:10 Last Seen2025-06-02 07:10 Times Seen1 Hash 1d38d9623589f3d934f628a189229a25 cfdfefd1ad325842a0ab4ef207a38c5da6a03bd4 04d78ba28c4205aae22e396c9668466f35d842bc04e2f9b657f522fb3cc036eb Loading...

HTTP Transactions (68)

URL IP Response Size

GET nativebookpdf.com/img/371865_100003492652950_2083523518_q.jpg

104.21.64.1

200 OK

2.7 kB

URL GET
nativebookpdf.com/img/371865_100003492652950_2083523518_q.jpg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 50x50, components 3
Size
2.7 kB (2723 bytes)
Hash
4f63acf1b505be4fa59c59fc75085751
87def81e26b55e35a803be0de699289d80780a24
770ab0e230ea0379280849ac2e7aa1afe91e4055fa7dca7b33fb3c8c6c0fa72d

HTTP Headers

GET /img/371865_100003492652950_2083523518_q.jpg HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: image/jpeg
content-length: 2723
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 07 Mar 2025 09:50:21 GMT
etag: "aa3-62fbd8d0baa5c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xsSdbrtUoGRTGSCsTu%2BB8Ev9MAmtG6a8p%2BOo6XWZNQfCTcLnvMit8KgA7%2F%2FjZ%2F2pwsn7XDPa6yY2x%2FReHwnaKlNgaryowqTcqYgBw%2B2sHg%3D%3D"}]}
cf-ray: 949520ea7ad4569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint4C:9A:D1:39:AD:B4:C8:D5:6E:A1:5A:54:6F:88:D5:0F:D1:C6:5A:06
ValidityFri, 02 May 2025 21:09:09 GMT - Thu, 31 Jul 2025 21:09:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0ca55ea8e442b806acc7c377a6e58043
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/css/style.css

188.114.97.1

200 OK

3.1 kB

URL GET
cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/css/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
3.1 kB (3127 bytes)
Hash
e04e39169f21980bebe0aabc7c610773
201b74bb79bfeeaaf767b8b1b140921ec7711e83
cb695aeff3e288d9f8788dfac988498e140fb202ff122b59c91cdc8ca165c8ad

HTTP Headers

GET /sb/notifications/sweep/default/windows-new/2/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:04 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:20:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa854a-c37"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=51pArolN0GKUFJiJf3v%2B1vEsdoI1nrca4rUH4y26s3T4jk0pBul8MNUEGl2iiazoUXG%2FucgsLR7T9%2BhvHRMOpLFApzJK7CsNsdKV7m7A4gtq79kS"}]}
cf-ray: 949521005e3bb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET praystakeinstinct.com/watch.589199063047.js?dev=e&key=51ff4182c7dc364cf35db1076f415e7c&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=0343dbd377b562f39a403a8259bcbe7d8291a90ab7920d964fb28e48e451e14b8b552a07708c3c80b60d5d855e0379663a9e96938e09d07a85a8ba82d5dd318b46ceebf8ff5eb56793d21c4c6f141adc8362e29f1bf1d66aac19&tz=0&uuid=55551621-c3b2-44a1-a025-3ceee4aec45f%3A3%3A1

192.243.59.12

200 OK

5.0 kB

URL GET
praystakeinstinct.com/watch.589199063047.js?dev=e&key=51ff4182c7dc364cf35db1076f415e7c&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=0343dbd377b562f39a403a8259bcbe7d8291a90ab7920d964fb28e48e451e14b8b552a07708c3c80b60d5d855e0379663a9e96938e09d07a85a8ba82d5dd318b46ceebf8ff5eb56793d21c4c6f141adc8362e29f1bf1d66aac19&tz=0&uuid=55551621-c3b2-44a1-a025-3ceee4aec45f%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectpraystakeinstinct.com
FingerprintEB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
ValidityTue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT

File type
JavaScript source, ASCII text, with very long lines (4100)
Size
5.0 kB (4976 bytes)
Hash
1d9e18110e881a5fd30d24bd1892565f
35a29437807f4461a62df0c1226daef3d0a53d5e
4f2e533a6cd1b886c04968f80bb3517730b65c7562195e0056131d0cd4cd7242

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.589199063047.js?dev=e&key=51ff4182c7dc364cf35db1076f415e7c&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=0343dbd377b562f39a403a8259bcbe7d8291a90ab7920d964fb28e48e451e14b8b552a07708c3c80b60d5d855e0379663a9e96938e09d07a85a8ba82d5dd318b46ceebf8ff5eb56793d21c4c6f141adc8362e29f1bf1d66aac19&tz=0&uuid=55551621-c3b2-44a1-a025-3ceee4aec45f%3A3%3A1 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
Referer: https://nativebookpdf.com/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI1MDM0NywiayI6IjUxZmY0MTgyYzdkYzM2NGNmMzVkYjEwNzZmNDE1ZTdjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTkzNTg3LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6NSwicHQiOjQsInBrIjoiZmZldGM0Mno1IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25hdGl2ZWJvb2twZGYuY29tL2Rvd25sb2FkLzQ5NDA2MjYtQnJlYWt0aHJvdWdoJTIwQWR2ZXJ0aXNpbmciLCJhciI6W119fQ.zvbqSKMTfCiQQlC2-9DrOc3E6GW3awS3c3MJxotPVBE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=55551621-c3b2-44a1-a025-3ceee4aec45f:3:1; expires=Mon, 09 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
u_pl24250347=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d27e4b3836862603624a60634e893cc2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET nativebookpdf.com/img/49852_593864739_9595_q.jpg

104.21.64.1

200 OK

2.5 kB

URL GET
nativebookpdf.com/img/49852_593864739_9595_q.jpg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 50x50, components 3
Size
2.5 kB (2512 bytes)
Hash
b6c2a27b69a031be02c8e7b30390e800
bbe34add27ed02798c0ce633f741f1db4bcd146d
b7e37fb6454c5f2dbd3973f5ccefde03a57e5347ec2501d7cd495dbaf0de6a2f

HTTP Headers

GET /img/49852_593864739_9595_q.jpg HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: image/jpeg
content-length: 2512
server: cloudflare
last-modified: Fri, 07 Mar 2025 09:50:21 GMT
etag: "9d0-62fbd8d0baa5c"
accept-ranges: bytes
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HnomMFuk3AanLxm7kHxtjZt6qaJRKOsGgXJaiLteEuF66xvb345HYCQefVguErnRchtUPTK2wpiBsq%2Bi4va0r2nUqUGzsNF9%2Bb%2FF7Iu1Fw%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
vary: accept-encoding
cf-ray: 949520ea8af6569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg

45.133.44.1

200 OK

79 kB

URL GET
cdn.storageimagedisplay.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 14:58:01], progressive, precision 8, 728x90, components 3
Size
79 kB (79356 bytes)
Hash
55ed59e5d7a388b1e733a86d7b654fa4
b3316451e0932734d60d343bb2c3939d5dd3d983
805f37a36d50e7437b87cc31eb8287395f62034b1ba796285c73fd669f74cc4e

HTTP Headers

GET /cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:03 GMT
content-type: image/jpeg
content-length: 79356
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:37:56 GMT
etag: "65d22454-135fc"
expires: Wed, 04 Jun 2025 07:10:03 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/ae/09/15/ae091566169ead24f2b4f862acae14a2/1708270725.jpg

45.133.44.1

200 OK

84 kB

URL GET
cdn.storageimagedisplay.com/cti/ae/09/15/ae091566169ead24f2b4f862acae14a2/1708270725.jpg
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 15:12:59], progressive, precision 8, 728x90, components 3
Size
84 kB (83690 bytes)
Hash
523a9ba7f13699c55d98f8c764909a9e
5506a83327ba766df386900cda294fcd55a9d90d
d313ebf7dc6f6ad0adb6a9547b2c3bb061a0e79573a2bd43e30b20634db4f336

HTTP Headers

GET /cti/ae/09/15/ae091566169ead24f2b4f862acae14a2/1708270725.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:03 GMT
content-type: image/jpeg
content-length: 83690
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:38:53 GMT
etag: "65d2248d-146ea"
expires: Wed, 04 Jun 2025 07:10:03 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET invadedisheartentrail.com/pixel/purst?dl=0&th=0&sc=0&rs=1976&rd=1976&fd=556&bv=25.5.2579&tmpl=70

192.243.61.225

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/purst?dl=0&th=0&sc=0&rs=1976&rd=1976&fd=556&bv=25.5.2579&tmpl=70
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1976&rd=1976&fd=556&bv=25.5.2579&tmpl=70 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/css/animate.css

188.114.97.1

200 OK

79 kB

URL GET
cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/css/animate.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
79 kB (78689 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/notifications/sweep/default/windows-new/2/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:05 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 19 Jan 2024 14:20:58 GMT
etag: W/"65aa854a-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UHzAF0Tc5gP8MhJyYDZFDLPRtkPVN%2B8cH6utGnehOHbH9am6SW7avqa6ujsL%2FYubdznhAY3dkhhi8WuIZlW5Q7Y%2BMHh4TzYUQfBndgsAZJN1lV90"}]}
cf-ray: 949521005e2fb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fcss%2Fanimate.css&l=78689&fd=599

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fcss%2Fanimate.css&l=78689&fd=599
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fcss%2Fanimate.css&l=78689&fd=599 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26111397=1; slec8063885bd99612ad36eb78b960c7f724=[5967422]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:05 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET balmyrind.com/67afc2b5ae106f3b8e810cf438915392/invoke.js

192.243.59.12

200 OK

27 kB

URL GET
balmyrind.com/67afc2b5ae106f3b8e810cf438915392/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectbalmyrind.com
Fingerprint59:46:06:32:49:23:A4:93:33:FE:B3:1D:DC:9F:6E:45:27:52:94:54
ValiditySat, 19 Apr 2025 21:07:05 GMT - Fri, 18 Jul 2025 21:07:04 GMT

File type
JavaScript source, ASCII text, with very long lines (27435), with no line terminators
Size
27 kB (27435 bytes)
Hash
f42465ac01895c0512f686e02a60d1fa
f22631285a1b721497a27be14a64cac8949485dd
c21e78c13b8379cd35987df51e68ed39d6e1f6692fc8431b36dbfa46fcf56b7a

HTTP Headers

GET /67afc2b5ae106f3b8e810cf438915392/invoke.js HTTP/1.1
Host: balmyrind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:02 GMT
Content-Type: application/javascript
Content-Length: 11547
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: balmyrind.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 5c23c611121d11dd0e72ede064e11426
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET code.jquery.com/jquery-1.12.0.min.js

151.101.2.137

200 OK

97 kB

URL GET
code.jquery.com/jquery-1.12.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32060)
Size
97 kB (97362 bytes)
Hash
cbb11b58473b2d672f4ed53abbb67336
66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

HTTP Headers

GET /jquery-1.12.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-17c52"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 02 Jun 2025 07:10:01 GMT
age: 2241127
x-served-by: cache-lga21956-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 4, 5509
x-timer: S1748848202.575329,VS0,VE0
vary: Accept-Encoding
content-length: 33820
X-Firefox-Spdy: h2

GET cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/js/jquery.min.js

188.114.97.1

200 OK

84 kB

URL GET
cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/js/jquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
Size
84 kB (84384 bytes)
Hash
6326c600df01e3bfb9b40e1aa08176f8
6b4fb754d29b297b539bf62ba9b4eaf0f33f314a
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

HTTP Headers

GET /sb/notifications/sweep/default/windows-new/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:04 GMT
content-type: application/javascript
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:20:59 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=M%2BQ%2Bly5pQca9fcG1I4iPS6Q%2B7bvvF9l8DUyASD%2Fim7JTcx9Vv6R9GmKCaJhGKyXBvKFTgQwBazNtzARCZNc6amVrF1QHp5JtWeB8swNEZAW4xXTR"}]}
age: 603
cf-cache-status: HIT
etag: W/"65aa854b-149a0"
content-encoding: br
cf-ray: 949521008ebdb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nativebookpdf.com/download/4940626-Breakthrough%20Advertising

104.21.64.1

200 OK

26 kB

URL User Request GET
nativebookpdf.com/download/4940626-Breakthrough%20Advertising
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
26 kB (26328 bytes)
Hash
7e78f224502f2dbf0594ee015751d2b1
4dbcc893341e6c8af82e23c6a2266e2b2164d998
52b86f1d3d2113ac03f25e74cf3958cbbe6863f90f90b5e8d5aca2cd8edce0df

HTTP Headers

GET /download/4940626-Breakthrough%20Advertising HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UKAgfyp2YyV13DgIANx3x5G%2B5VYF4HkBETBoSKQrB2MzEOQPPh25V3IH%2BLve0uS%2Bm0ry92LFJoKfPRfD3h4CHFPLUYdHKcZ7YJJ9WYLw1g%3D%3D"}]}
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 949520e7ae06569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nativebookpdf.com/source/fbfeed.css

104.21.64.1

200 OK

1.6 kB

URL GET
nativebookpdf.com/source/fbfeed.css
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
ASCII text
Size
1.6 kB (1593 bytes)
Hash
4e4aa3f10bd045dd8a110274e1c424ae
3a25879fadb59179782fa8e846a1ff53b35102fd
c5494ef77aea2d6437ca2d9ceb40b8d4af384ed0c2e04f92da3bb8514c5199f7

HTTP Headers

GET /source/fbfeed.css HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/css
content-length: 581
server: cloudflare
last-modified: Fri, 07 Mar 2025 09:50:22 GMT
etag: "639-62fbd8d0cf282-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=s33InOgdkvp5d54YaP50Kz5aliq90Gf4pdRUuuKOuRo5o32WXo3Lscjmb%2B6UptCZwGUxgS8Ze8KUMutO8Ccu23l%2F6mXUFNI32PebAgR1nA%3D%3D"}]}
cf-ray: 949520ea6ab3569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET balmyrind.com/5975c768713903f76e87b8db7dd0be20/invoke.js

192.243.59.12

200 OK

28 kB

URL GET
balmyrind.com/5975c768713903f76e87b8db7dd0be20/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectbalmyrind.com
Fingerprint59:46:06:32:49:23:A4:93:33:FE:B3:1D:DC:9F:6E:45:27:52:94:54
ValiditySat, 19 Apr 2025 21:07:05 GMT - Fri, 18 Jul 2025 21:07:04 GMT

File type
JavaScript source, ASCII text, with very long lines (27451), with no line terminators
Size
28 kB (27451 bytes)
Hash
9b88ac5753154fece24c2ac75843b546
0b61e9b5869302a7e7ef01e767bfe3ddf09412f8
13b97972df88f9502e7e40b1bb27021a1bd9137b0368dd878095119b691faeeb

HTTP Headers

GET /5975c768713903f76e87b8db7dd0be20/invoke.js HTTP/1.1
Host: balmyrind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:02 GMT
Content-Type: application/javascript
Content-Length: 11571
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: balmyrind.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d08dbe7d13d1a7ac52f4882db43a552a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET invadedisheartentrail.com/watch.1506143486934.js?dev=e&key=67afc2b5ae106f3b8e810cf438915392&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=827d85e80fbd9b0a91083ce259d30fde6ab1f4d518875f210c24de91cc424745f99ea8e14fab766259e39a4656c98f2bd21a1a3bb0cc18cea9111244bd7cd055e4ad0f726e892bb9223e3155c422bb1de861292808fc5f5844b0&tz=0&uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c%3A1%3A1

192.243.61.225

200 OK

4.9 kB

URL GET
invadedisheartentrail.com/watch.1506143486934.js?dev=e&key=67afc2b5ae106f3b8e810cf438915392&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=827d85e80fbd9b0a91083ce259d30fde6ab1f4d518875f210c24de91cc424745f99ea8e14fab766259e39a4656c98f2bd21a1a3bb0cc18cea9111244bd7cd055e4ad0f726e892bb9223e3155c422bb1de861292808fc5f5844b0&tz=0&uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type
JavaScript source, ASCII text, with very long lines (4036)
Size
4.9 kB (4912 bytes)
Hash
ce1aa46f8e386b3c436a78cc292f7bdf
c7078e37a84db6b8ea0fb696256cef3a744df412
e33564c429ce85a4776dd9c6f6bb3781c786d38f0423a12454946d3ef3988ff3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1506143486934.js?dev=e&key=67afc2b5ae106f3b8e810cf438915392&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=827d85e80fbd9b0a91083ce259d30fde6ab1f4d518875f210c24de91cc424745f99ea8e14fab766259e39a4656c98f2bd21a1a3bb0cc18cea9111244bd7cd055e4ad0f726e892bb9223e3155c422bb1de861292808fc5f5844b0&tz=0&uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c%3A1%3A1 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
Referer: https://nativebookpdf.com/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzgxNzMxNCwiayI6IjY3YWZjMmI1YWUxMDZmM2I4ZTgxMGNmNDM4OTE1MzkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQzOTY1LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6NSwicHQiOjQsInBrIjoia2c2ZXo4Z2Z6dyIsImNwa3MiOnsiMjgiOiIxMDA5ZjkxYzQ0Y2Y4ODU5OTViMmRkNDM4ZWUwZmY3NiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbmF0aXZlYm9va3BkZi5jb20vZG93bmxvYWQvNDk0MDYyNi1CcmVha3Rocm91Z2glMjBBZHZlcnRpc2luZyIsImFyIjpbXX19.VnI_ce-eKgGyuxi16JrKoQbGzKoVAGhwv8KeVXjcLDA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5a503d6f-e327-48bd-9c59-f002d3799a6c:1:1; expires=Mon, 09 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
u_pl23817314=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: acffaf2e52e7a9c079b0e34f8a9112ed
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/js/script.js

188.114.97.1

200 OK

7.8 kB

URL GET
cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/js/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
Unicode text, UTF-8 text
Size
7.8 kB (7814 bytes)
Hash
6d9a0d0eae854fceafc6ec40e4b594a3
0811fc4a3e71334629d37d780d1144d878e4ce7a
7b76b6949d49772cb4b4b538ea8925fae18a76e493db699c6e44cf3bd9c92d69

HTTP Headers

GET /sb/notifications/sweep/default/windows-new/2/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:05 GMT
content-type: application/javascript
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:20:59 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=H%2FfmSJJL2EkD3supmtv3Qfq9vT1Jvi6DaYQjSeHXOJe7130%2BiAJQOeRetU%2FmMeA%2BtOjLzAw4azTx%2F3mzwObeDw9A6lcj7a4olb0pUIWoIiylHRCj"}]}
cf-cache-status: MISS
etag: W/"65aa854b-1e86"
content-encoding: br
cf-ray: 94952101d89eb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fcss%2Fstyle.css&l=3127&fd=237

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fcss%2Fstyle.css&l=3127&fd=237
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fcss%2Fstyle.css&l=3127&fd=237 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26111397=1; slec8063885bd99612ad36eb78b960c7f724=[5967422]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:05 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

31 kB

URL GET
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 02/26/2025 14:41:39
cdn-proxyver: 1.19
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 32f7ebcdf08d445ccaf7074e614a5c87
cdn-cache: HIT
cf-cache-status: HIT
age: 237523
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 949520eaefab5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nativebookpdf.com/source/rewards.png

104.21.64.1

200 OK

97 kB

URL GET
nativebookpdf.com/source/rewards.png
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
PNG image data, 945 x 190, 8-bit/color RGBA, non-interlaced
Size
97 kB (96902 bytes)
Hash
b862c503e9a58746ca93034cdfa90de9
f85768daba18a02decbe3eff764b6a0b97d2e6c4
d9931390c46d53d856aedf3d4663fe37bf81ae11e97e871c4da311f283a6dc61

HTTP Headers

GET /source/rewards.png HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: image/png
content-length: 96902
server: cloudflare
last-modified: Fri, 07 Mar 2025 09:50:22 GMT
etag: "17a86-62fbd8d0cf282"
accept-ranges: bytes
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=K2N3Z4yqcjMHiR4cyXY7aSjsJnJseLY%2BGQsLqGxPY%2BDkZzK36gPOxLDwEDycDONKh7T5DdxiA4%2B6yfPA7hG%2BdIbk8dfmttwHvWjBDgrx5g%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
vary: accept-encoding
cf-ray: 949520ea7acc569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nativebookpdf.com/img/sprite.png

104.21.64.1

200 OK

25 kB

URL GET
nativebookpdf.com/img/sprite.png
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
25 kB (25113 bytes)
Hash
a2e53ba6baadd744353af8a1a74a0b1d
99f772aaf13592d7135ed14cda7a34a2b69c6a57
f7b04ac9e5acd1f9d66e2ec63acd04de939547abd7c6a157882f20767bd73b23

HTTP Headers

GET /img/sprite.png HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/source/fbfeed.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Jun 2025 07:10:02 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9%2BFQsDXIOqimp26j4v2eUmPsDCPJ5zBRDPQYH2ZDFsTBjAuy80jy4GAvagPw4yNZlkkto9hPaGRYPetyjt3m6se5dY13K4OzwY1IJTGijz3R9EtVvmJfhZcSE%2BkTJTBAQhTFg%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Mon, 02 Jun 2025 07:10:02 GMT
content-encoding: br
cf-ray: 949520f16e210b02-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4169&min_rtt=1138&rtt_var=2715&sent=187&recv=69&lost=0&retrans=0&sent_bytes=179345&recv_bytes=4595&delivery_rate=29708908&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=cd75a04f93513728&ts=1573&x=80"

GET shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RSz4scVRd9NZPV90HEIG5CpBcuFJyeqq7qH2WIwRgjwXESk8gssnr13que57yqV3mvqqunNw4OhKyk3Ygboeb0TAZjEAW3AelxNyDYrmaR2fgPCEJwKd3T0HoX995T5xace-57uFeckgAFPbn9kR5Ipehqs-7W3tiQKdelra3fq3lu3b1c25BpK7hc60-T6b3t-UHdfbP2gWBberXheq7ruV7thjQi1v3VGQuZPQ29eujWg0bdawbom_9iWziw1AHvnZILkHzy0h_xfUg2Rpr8cF3YrVxnb72fFIrm2qDHDz9Jt1JdpkgWbWwcxOnhfBraTgj5egk6PZxvAN3bn26ASE7I0qvPEaWHc5mIegdnSiMFkSLi_0fZG0OoMSQdg-ldSP4bARjH-i2kyeN1bUq6fcbSKTsh5178BVlOyLnnryBNvr-mZL92V6silzq16McVZH8M2R0jK46QD5YgyyOw_HNI_itZfbGGNNm_ZZWG5Cev0w53qUf9Fd70g5XAjfhK2KFspRGGLm0LQZtUzCyS8RhKDEHtMgrroJAOithBkTlI-EktcDsB86jfikPO2m5Ag4CLyA07DdelIWujYFP9Q-TZEEwNwcwOMrODLTmEKX6G3axg-RJsPiHOxzvo8QqlICgtQUkJSklQ5gRlrzrgyjZs9ZgrW0TevDbm1a9GOu_u0QOdd0VKQM0Qhlf7Mntgd8Hy5dEgtnykp4lGeTWiEa_2slPy8tRe54vkAFvipNZxW36n04x4GLa8BuV-S0TtThS2XNaO240AVlaQdgnUOhjICbny0zNkckJe--YSInoEq47A5EXQ4hJoWYFuVhikTyJh8wd1mcYaXFfI8nPIt509dUouzs57__w7EOz46p9kFmCmQmYqfCp_IeiqR6M7uiT7d3RpyY-3slwmckCnp7-b01wsP_lQbJfa8JvX7fDbd9mUmLZP7wmbr9GUy7RryXfXJOfC3NCGCfLspt0Q0e3Cbl4rTFpka7ffu3EzyYywVup0DCon5H_8MzA5IRf-Pj971v7DryDNGKaokBTHZB6Q-ggs24HNFvqtJjBqMRNlDsqiGplGtPioJIESC0yjCvZfOFr0I0Onf1NZ7dlH6BoHNN9FmlTomQo9VYGqIWyxPMozc3z1d38WiJQzipRx9iNl1JdnNlt5Uot90WCu22m3PL8TC88POIubnSDkLer6vkBuJ5tX1tf-CQAA__9HvsauuAQAAA==

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RSz4scVRd9NZPV90HEIG5CpBcuFJyeqq7qH2WIwRgjwXESk8gssnr13que57yqV3mvqqunNw4OhKyk3Ygboeb0TAZjEAW3AelxNyDYrmaR2fgPCEJwKd3T0HoX995T5xace-57uFeckgAFPbn9kR5Ipehqs-7W3tiQKdelra3fq3lu3b1c25BpK7hc60-T6b3t-UHdfbP2gWBberXheq7ruV7thjQi1v3VGQuZPQ29eujWg0bdawbom_9iWziw1AHvnZILkHzy0h_xfUg2Rpr8cF3YrVxnb72fFIrm2qDHDz9Jt1JdpkgWbWwcxOnhfBraTgj5egk6PZxvAN3bn26ASE7I0qvPEaWHc5mIegdnSiMFkSLi_0fZG0OoMSQdg-ldSP4bARjH-i2kyeN1bUq6fcbSKTsh5178BVlOyLnnryBNvr-mZL92V6silzq16McVZH8M2R0jK46QD5YgyyOw_HNI_itZfbGGNNm_ZZWG5Cev0w53qUf9Fd70g5XAjfhK2KFspRGGLm0LQZtUzCyS8RhKDEHtMgrroJAOithBkTlI-EktcDsB86jfikPO2m5Ag4CLyA07DdelIWujYFP9Q-TZEEwNwcwOMrODLTmEKX6G3axg-RJsPiHOxzvo8QqlICgtQUkJSklQ5gRlrzrgyjZs9ZgrW0TevDbm1a9GOu_u0QOdd0VKQM0Qhlf7Mntgd8Hy5dEgtnykp4lGeTWiEa_2slPy8tRe54vkAFvipNZxW36n04x4GLa8BuV-S0TtThS2XNaO240AVlaQdgnUOhjICbny0zNkckJe--YSInoEq47A5EXQ4hJoWYFuVhikTyJh8wd1mcYaXFfI8nPIt509dUouzs57__w7EOz46p9kFmCmQmYqfCp_IeiqR6M7uiT7d3RpyY-3slwmckCnp7-b01wsP_lQbJfa8JvX7fDbd9mUmLZP7wmbr9GUy7RryXfXJOfC3NCGCfLspt0Q0e3Cbl4rTFpka7ffu3EzyYywVup0DCon5H_8MzA5IRf-Pj971v7DryDNGKaokBTHZB6Q-ggs24HNFvqtJjBqMRNlDsqiGplGtPioJIESC0yjCvZfOFr0I0Onf1NZ7dlH6BoHNN9FmlTomQo9VYGqIWyxPMozc3z1d38WiJQzipRx9iNl1JdnNlt5Uot90WCu22m3PL8TC88POIubnSDkLer6vkBuJ5tX1tf-CQAA__9HvsauuAQAAA==
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC_1RSz4scVRd9NZPV90HEIG5CpBcuFJyeqq7qH2WIwRgjwXESk8gssnr13que57yqV3mvqqunNw4OhKyk3Ygboeb0TAZjEAW3AelxNyDYrmaR2fgPCEJwKd3T0HoX995T5xace-57uFeckgAFPbn9kR5Ipehqs-7W3tiQKdelra3fq3lu3b1c25BpK7hc60-T6b3t-UHdfbP2gWBberXheq7ruV7thjQi1v3VGQuZPQ29eujWg0bdawbom_9iWziw1AHvnZILkHzy0h_xfUg2Rpr8cF3YrVxnb72fFIrm2qDHDz9Jt1JdpkgWbWwcxOnhfBraTgj5egk6PZxvAN3bn26ASE7I0qvPEaWHc5mIegdnSiMFkSLi_0fZG0OoMSQdg-ldSP4bARjH-i2kyeN1bUq6fcbSKTsh5178BVlOyLnnryBNvr-mZL92V6silzq16McVZH8M2R0jK46QD5YgyyOw_HNI_itZfbGGNNm_ZZWG5Cev0w53qUf9Fd70g5XAjfhK2KFspRGGLm0LQZtUzCyS8RhKDEHtMgrroJAOithBkTlI-EktcDsB86jfikPO2m5Ag4CLyA07DdelIWujYFP9Q-TZEEwNwcwOMrODLTmEKX6G3axg-RJsPiHOxzvo8QqlICgtQUkJSklQ5gRlrzrgyjZs9ZgrW0TevDbm1a9GOu_u0QOdd0VKQM0Qhlf7Mntgd8Hy5dEgtnykp4lGeTWiEa_2slPy8tRe54vkAFvipNZxW36n04x4GLa8BuV-S0TtThS2XNaO240AVlaQdgnUOhjICbny0zNkckJe--YSInoEq47A5EXQ4hJoWYFuVhikTyJh8wd1mcYaXFfI8nPIt509dUouzs57__w7EOz46p9kFmCmQmYqfCp_IeiqR6M7uiT7d3RpyY-3slwmckCnp7-b01wsP_lQbJfa8JvX7fDbd9mUmLZP7wmbr9GUy7RryXfXJOfC3NCGCfLspt0Q0e3Cbl4rTFpka7ffu3EzyYywVup0DCon5H_8MzA5IRf-Pj971v7DryDNGKaokBTHZB6Q-ggs24HNFvqtJjBqMRNlDsqiGplGtPioJIESC0yjCvZfOFr0I0Onf1NZ7dlH6BoHNN9FmlTomQo9VYGqIWyxPMozc3z1d38WiJQzipRx9iNl1JdnNlt5Uot90WCu22m3PL8TC88POIubnSDkLer6vkBuJ5tX1tf-CQAA__9HvsauuAQAAA== HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26111397=1; slec8063885bd99612ad36eb78b960c7f724=[5967422]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: aaeef68f1684836c7e294f8fd0dec550
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d4c09d62d2b4f014d30637e63111290d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.10

200 OK

17 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (16755 bytes)
Hash
079d175a37af415fe31b05b4ee3f0c6d
e14b499ae075d1437a3d19c061ce5c47e70ebaf9
9407ac88551e3046045786d43d427ded47b0133ac0acb85f8604743885d06d4b

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Jun 2025 07:10:05 GMT
date: Mon, 02 Jun 2025 07:10:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/img/close.svg

188.114.97.1

200 OK

1.3 kB

URL GET
cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/img/close.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
b3011bde2653e373d1150594a8bbd06d
e47948cdb4d6ecf6257106805e690e3bf0211317
6499ec40e3f2ac55bf1b5c9a2dbbc212adb74114645bccac0373074f98ef8a01

HTTP Headers

GET /sb/notifications/sweep/default/windows-new/2/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:04 GMT
content-type: image/svg+xml
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:20:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DWDqgAcm%2BJVkgmF8KlyxqfsT3RyeaY1Vn0ZbUfM5YBB9yEOERvvW2VskeyZccucIHsOkGwQRYJLO4aAphBrvJh%2FsGkdZXVe1YrLlfXEugkVLlQXT"}]}
age: 603
cf-cache-status: HIT
etag: W/"65aa854a-4ff"
content-encoding: br
cf-ray: 949521008eaab527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nativebookpdf.com/source/latar.png

104.21.64.1

200 OK

169 kB

URL GET
nativebookpdf.com/source/latar.png
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
PNG image data, 900 x 422, 8-bit colormap, non-interlaced
Size
169 kB (169087 bytes)
Hash
fbc39c8abcf37058d10da26cce622bcd
1b744be8a252f1bd32fb4948fbbf1968cdb94472
664f8454b009a133efc8f975275267d11e4e40a5a15ddc54026ff6ffc84b6598

HTTP Headers

GET /source/latar.png HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/source/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: image/png
content-length: 169087
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCZ5s%2BfQRp27pQiDSVbh4Bazgb8W3OVzWO%2BeRSI%2B68yd6w%2BFRrE62BFOyLpqdLRXkpCcYYla4QeJIkfpTgqBiX0s1D84Uj3h%2Fpp5pJcz%2FqX0R3mlRV7WYztMfFJ%2FpsAs%2FQAsAw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 07 Mar 2025 09:50:22 GMT
etag: "2947f-62fbd8d0cf282"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 949520edbe0f0b02-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6045&min_rtt=2434&rtt_var=2746&sent=41&recv=63&lost=0&retrans=0&sent_bytes=5330&recv_bytes=4065&delivery_rate=448034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=cd75a04f93513728&ts=973&x=80"

GET shotgunchancecruel.com/sbar.json?key=8063885bd99612ad36eb78b960c7f724&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1

192.243.61.227

200 OK

6.1 kB

URL GET
shotgunchancecruel.com/sbar.json?key=8063885bd99612ad36eb78b960c7f724&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type
JSON text data
Size
6.1 kB (6083 bytes)
Hash
3b1aff794f621a9330b0d29e3dfe4cc3
6a8ea0d41826a83de5da19763b3b69c80bf1adcc
4b517eabb706177e19d6221f5fe6f46eb11a0786256c9be332a06027ef5bdf03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=8063885bd99612ad36eb78b960c7f724&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; expires=Mon, 09 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Tue, 03 Jun 2025 07:10:04 GMT; path=/; secure; SameSite=None
uncs=1; expires=Tue, 03 Jun 2025 07:10:04 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Tue, 03 Jun 2025 07:10:04 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Tue, 03 Jun 2025 07:10:04 GMT; path=/; secure; SameSite=None
u_pl26111397=1; expires=Tue, 03 Jun 2025 07:10:04 GMT; path=/; secure; SameSite=None
slec8063885bd99612ad36eb78b960c7f724=[5967422]; expires=Mon, 02 Jun 2025 07:10:09 GMT; path=/; secure; SameSite=None
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b74b9758606f2d054b4b2230f6bf7cb0
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET unseenreport.com/pxf.gif?uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=8063885bd99612ad36eb78b960c7f724&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7

192.243.61.227

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=8063885bd99612ad36eb78b960c7f724&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=8063885bd99612ad36eb78b960c7f724&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: fca00711652fea2bb4c4954e7bd7da8d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET shotgunchancecruel.com/pixel/sbs?c=1

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbs?c=1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26111397=1; slec8063885bd99612ad36eb78b960c7f724=[5967422]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:05 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET balmyrind.com/c5bb839ff299c2abad7231d4209b59fa/invoke.js

192.243.59.12

200 OK

27 kB

URL GET
balmyrind.com/c5bb839ff299c2abad7231d4209b59fa/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectbalmyrind.com
Fingerprint59:46:06:32:49:23:A4:93:33:FE:B3:1D:DC:9F:6E:45:27:52:94:54
ValiditySat, 19 Apr 2025 21:07:05 GMT - Fri, 18 Jul 2025 21:07:04 GMT

File type
JavaScript source, ASCII text, with very long lines (27391), with no line terminators
Size
27 kB (27391 bytes)
Hash
aaf7267ba1610aa1ecfe00dab74625d3
1b033a6acad201a76c472f289ff6b88af3836044
c78a9b5e13840c2b390e9bbcc6a5722620ef6a2677dc7c2ed7c6a77be0d6da19

HTTP Headers

GET /c5bb839ff299c2abad7231d4209b59fa/invoke.js HTTP/1.1
Host: balmyrind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:02 GMT
Content-Type: application/javascript
Content-Length: 11522
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: balmyrind.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 3c8cab3980e252f03b073042d08c3416
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET experttrafficcounter.com/stats

3.223.89.16

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
3.223.89.16:443
ASN
#14618 AMAZON-AES

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
Fingerprint87:3A:58:B8:11:C8:21:51:2F:8A:85:96:EF:A6:96:9E:D9:55:66:56
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0d8170c18d129e40446364c1a9ccec81
7e708119c7c1812998f13b99de96b3ce2bf18d70
b48b4eade0e2c69ea73471f288f102b92e4854fba749eecaf4b76ab026e0cb32

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nativebookpdf.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c:1:1; expires=Thu, 31 May 2035 07:10:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 60a92d1427bafa11869e12aa83a8d19c
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET invadedisheartentrail.com/watch.1506143486934.js?key=67afc2b5ae106f3b8e810cf438915392&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c%3A1%3A1

192.243.61.225

307 Temporary Redirect

4.9 kB

URL GET
invadedisheartentrail.com/watch.1506143486934.js?key=67afc2b5ae106f3b8e810cf438915392&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
4.9 kB (4912 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1506143486934.js?key=67afc2b5ae106f3b8e810cf438915392&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c%3A1%3A1 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Location: https://invadedisheartentrail.com/watch.1506143486934.js?dev=e&key=67afc2b5ae106f3b8e810cf438915392&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=827d85e80fbd9b0a91083ce259d30fde6ab1f4d518875f210c24de91cc424745f99ea8e14fab766259e39a4656c98f2bd21a1a3bb0cc18cea9111244bd7cd055e4ad0f726e892bb9223e3155c422bb1de861292808fc5f5844b0&tz=0&uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c%3A1%3A1
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzgxNzMxNCwiayI6IjY3YWZjMmI1YWUxMDZmM2I4ZTgxMGNmNDM4OTE1MzkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQzOTY1LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6NSwicHQiOjQsInBrIjoia2c2ZXo4Z2Z6dyIsImNwa3MiOnsiMjgiOiIxMDA5ZjkxYzQ0Y2Y4ODU5OTViMmRkNDM4ZWUwZmY3NiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbmF0aXZlYm9va3BkZi5jb20vZG93bmxvYWQvNDk0MDYyNi1CcmVha3Rocm91Z2glMjBBZHZlcnRpc2luZyIsImFyIjpbXX19.VnI_ce-eKgGyuxi16JrKoQbGzKoVAGhwv8KeVXjcLDA; expires=Mon, 02 Jun 2025 07:11:03 GMT; path=/; secure; SameSite=None
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 57c6d0d6344b6ce3b1ff83ed9701f9c9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET img.icons8.com/color/48/000000/repository.png

185.76.9.12

200 OK

480 B

URL GET
img.icons8.com/color/48/000000/repository.png
IP
185.76.9.12:443
ASN
#60068 Datacamp Limited

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subject1004834818.rsc.cdn77.org
Fingerprint60:69:D2:4D:34:65:D3:2E:67:5E:19:CB:B3:A8:BA:65:44:3B:EF:02
ValidityMon, 31 Mar 2025 14:51:05 GMT - Sun, 29 Jun 2025 14:51:04 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
480 B (480 bytes)
Hash
f9237bc968b0e4a3c01bfe884a020eca
77f2795a00571056b937eae1adc3d8d49c669885
5b5b7a23543843159ef84e087ccbbe3497054a5c7cb5c4ae604bfd457ae0adf7

HTTP Headers

GET /color/48/000000/repository.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:03 GMT
content-type: image/png
content-length: 480
access-control-allow-origin: *
access-control-expose-headers: icon-id, icon-size, icon-format
icon-id: 33318
icon-size: 48
icon-format: png
last-modified: Wed, 30 Apr 2025 13:36:20
version: 0.0.29
from-mongo-cache: false
from-redis-cache: true
not-found-platform: false
cache-control: public, max-age=302400
strict-transport-security: max-age=15724800; includeSubDomains
x-77-nzt: EwwBuUwJCgH3ID0EAAwBuUwKDAH35QEAAAwBJRPCMQG34gAAAA
x-77-nzt-ray: e2f7542097b808db4b4e3d68292d8e31
x-77-cache: HIT
x-77-age: 277792
server: CDN77-Turbo
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/img/message.png

188.114.97.1

200 OK

5.4 kB

URL GET
cdn.creative-stat1.com/sb/notifications/sweep/default/windows-new/2/img/message.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
5.4 kB (5402 bytes)
Hash
cd733a315b8211d98f006e6ea0803f4b
7d171c38df62cfdaa0c6ec35f8c37aa183c52b54
ce16892d1608a82787b41a5402c081485e9af89ecfcc525a850bdf13ddce6b70

HTTP Headers

GET /sb/notifications/sweep/default/windows-new/2/img/message.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:04 GMT
content-type: image/png
content-length: 5402
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:20:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa854a-151a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 603
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YS4Xn%2BJD%2FKrrhQ4KypdQcibvJaXQ43ObQ%2FUuSNfNoJRlVoMLhsbeXf01i1wVbAZhDSuMGbdYu9V8AGb2pK18zugXSBi7McEIyrlGyIxYpBsKoJIp"}]}
cf-ray: 949521008eb0b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css

104.18.10.207

200 OK

97 kB

URL GET
netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
ASCII text, with very long lines (65316)
Size
97 kB (97339 bytes)
Hash
4eadbf7d1721bb2729e398595bc7f0bc
cde1a9a9098238450afb8fccfce94c22fa2743e3
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa

HTTP Headers

GET /bootstrap/3.0.0/css/bootstrap.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: gzip
etag: W/"4eadbf7d1721bb2729e398595bc7f0bc"
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 08/09/2023 03:30:58
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 1a67460376bb0aec38c7615d6c81e95b
cdn-cache: HIT
cf-cache-status: HIT
age: 2256130
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 949520eb18040b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ts2.mm.bing.net/th?q=breakthrough+advertising

150.171.27.10

200 OK

39 kB

URL GET
ts2.mm.bing.net/th?q=breakthrough+advertising
IP
150.171.27.10:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerMicrosoft Corporation
Subject*.mm.bing.net
FingerprintCA:2F:45:96:53:5D:CF:08:76:D8:2A:3F:AE:8D:4E:05:24:31:BE:89
ValidityThu, 24 Apr 2025 05:30:44 GMT - Tue, 21 Oct 2025 05:30:44 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x633, components 3
Size
39 kB (38746 bytes)
Hash
91c01df2541161afd1f88b7662f34cc2
38a745dcac56b3f74286865eaa19c325dad0d9a1
129b6e344f7d356acf86a477ce5bcdbc395e9a076a2abf7a29922d762906a3f0

HTTP Headers

GET /th?q=breakthrough+advertising HTTP/1.1
Host: ts2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 38746
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E2F14F1EDBBD4D5DA388D94A09840E90 Ref B: OSL30EDGE0105 Ref C: 2025-06-02T07:10:01Z
date: Mon, 02 Jun 2025 07:10:00 GMT
X-Firefox-Spdy: h2

GET wearychallengeraise.com/79/cf/f3/79cff3ffb119ee9289f2e7e5fe2c0498.js

192.243.59.12

200 OK

104 kB

URL GET
wearychallengeraise.com/79/cf/f3/79cff3ffb119ee9289f2e7e5fe2c0498.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104448 bytes)
Hash
1f42f184675f80cce69867ee7a3aae04
8e90d75bc98d858c71761c1dbe816098516b2d74
c71aa8649620b896fedf855725728ad1e3d92ad30680bde55d3493194e2aebaf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /79/cf/f3/79cff3ffb119ee9289f2e7e5fe2c0498.js HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:02 GMT
Content-Type: application/javascript
Content-Length: 32743
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2e0db903928fe40d8b9b42196f219ce6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET wearychallengeraise.com/watch.1599200215999.js?dev=e&key=5975c768713903f76e87b8db7dd0be20&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=f6569c5dda924784cb8fe1df4df717f099d034c5e886379dc5c945e01970f1b3c103612f145da4cd8266668dfc25a98d2eeb82dfbbc9fbc094f8e00c7c1185f890de5c56c8d2d89dc6b0e2fdc6d674c16b20d4a41fa4e0e0766c&tz=0&uuid=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c%3A1%3A1

192.243.59.12

200 OK

5.0 kB

URL GET
wearychallengeraise.com/watch.1599200215999.js?dev=e&key=5975c768713903f76e87b8db7dd0be20&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=f6569c5dda924784cb8fe1df4df717f099d034c5e886379dc5c945e01970f1b3c103612f145da4cd8266668dfc25a98d2eeb82dfbbc9fbc094f8e00c7c1185f890de5c56c8d2d89dc6b0e2fdc6d674c16b20d4a41fa4e0e0766c&tz=0&uuid=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c%3A1%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type
JavaScript source, ASCII text, with very long lines (4082)
Size
5.0 kB (4958 bytes)
Hash
ca7b0c79eb731141187b237254724fb7
6e923514f7641a25b583a3b3af143c60500d3bad
5a9481dcc33fbfb8970787b9c603053f61468ae4e3e626298f0ed0915c25cfe0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1599200215999.js?dev=e&key=5975c768713903f76e87b8db7dd0be20&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=f6569c5dda924784cb8fe1df4df717f099d034c5e886379dc5c945e01970f1b3c103612f145da4cd8266668dfc25a98d2eeb82dfbbc9fbc094f8e00c7c1185f890de5c56c8d2d89dc6b0e2fdc6d674c16b20d4a41fa4e0e0766c&tz=0&uuid=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c%3A1%3A1 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
Referer: https://nativebookpdf.com/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNTk5NjYzNSwiayI6IjU5NzVjNzY4NzEzOTAzZjc2ZTg3YjhkYjdkZDBiZTIwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQzOTY1LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6MjMsInB0Ijo0LCJwayI6InYxOGNjeHhxc3QiLCJjcGtzIjp7IjI4IjoiNzljZmYzZmZiMTE5ZWU5Mjg5ZjJlN2U1ZmUyYzA0OTgiLCIyOSI6IjgwNjM4ODViZDk5NjEyYWQzNmViNzhiOTYwYzdmNzI0In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uYXRpdmVib29rcGRmLmNvbS9kb3dubG9hZC80OTQwNjI2LUJyZWFrdGhyb3VnaCUyMEFkdmVydGlzaW5nIiwiYXIiOltdfX0.FNR8yAfTPnzq0v1sb6E_cQJKliGV5fXu09EVPdEGR6I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c:1:1; expires=Mon, 09 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
u_pl25996635=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0fa785613af83268dddd46cbad9acd39
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET nativebookpdf.com/source/bootstrap.min.css

104.21.64.1

200 OK

122 kB

URL GET
nativebookpdf.com/source/bootstrap.min.css
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
ASCII text, with very long lines (65371)
Size
122 kB (122540 bytes)
Hash
5d5357cb3704e1f43a1f5bfed2aebf42
08df9a96752852f2cbd310c30facd934e348c2c5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

HTTP Headers

GET /source/bootstrap.min.css HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/css
content-length: 19883
server: cloudflare
last-modified: Fri, 07 Mar 2025 09:50:22 GMT
etag: "1deac-62fbd8d0cf282-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cFj9N2J76rUyjlUCgxGnT3RG6yMawSfmaJl3%2F4bdlWT89f4HIvznWy92rqKaMyl%2BOyjWLBGHv6hZkCKCetrPZDH2lEvY6h24CZNxqtY33Q%3D%3D"}]}
cf-ray: 949520ea4a96569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

104.17.25.14

200 OK

1.3 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (1266)
Size
1.3 kB (1300 bytes)
Hash
4412bf8023109ee9eb1f1f226d391329
c273960aa874a87dd022b5e597887142f1b8e34f
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

HTTP Headers

GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 949520eb5bc9b4ff-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 897595
expires: Sat, 23 May 2026 07:10:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLRcop7NhpxyIMAgDM9G0sjiOyae0npfqJoox0cG7ILZVdiUaCUT8ZidHDXrBe%2BKP1W5fhLB%2Fys9rBIVjvzNGLXrxeRj4ciZegi87ZjEUjOWfzUPii5fnvHxy%2BYtSf8VTO4iB9Ld"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET experttrafficcounter.com/stats

3.223.89.16

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
3.223.89.16:443
ASN
#14618 AMAZON-AES

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
Fingerprint87:3A:58:B8:11:C8:21:51:2F:8A:85:96:EF:A6:96:9E:D9:55:66:56
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3a03c0460436a87c4660858e54e31016
27a512489af7babb8d1801175fcc2b834ebdeea6
8563a95f348d0579c371c82a606998f26b1ed49a1b128cc2d9b6560746e5aa32

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nativebookpdf.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=55551621-c3b2-44a1-a025-3ceee4aec45f:3:1; expires=Thu, 31 May 2035 07:10:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET praystakeinstinct.com/watch.1032219285777.js?key=c5bb839ff299c2abad7231d4209b59fa&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1

192.243.59.12

307 Temporary Redirect

5.0 kB

URL GET
praystakeinstinct.com/watch.1032219285777.js?key=c5bb839ff299c2abad7231d4209b59fa&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectpraystakeinstinct.com
FingerprintEB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
ValidityTue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT

File type

Size
5.0 kB (4970 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1032219285777.js?key=c5bb839ff299c2abad7231d4209b59fa&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Location: https://praystakeinstinct.com/watch.1032219285777.js?dev=e&key=c5bb839ff299c2abad7231d4209b59fa&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=cf524767a896afe3446fbbae00cc46423b1bb196d80751d3f08ea0da7a4a59f77c140b3398a3f41bb35931932710a696fc1037685d926f1279d4afc6b2c6abef2245477c1fd7fc2b9efe169fd1381499d0997b7114e1150f5018&tz=0&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNTk0NjQxOSwiayI6ImM1YmI4MzlmZjI5OWMyYWJhZDcyMzFkNDIwOWI1OWZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTkzNTg3LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6MjMsInB0Ijo0LCJwayI6InU0OHN5dXB5MyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uYXRpdmVib29rcGRmLmNvbS9kb3dubG9hZC80OTQwNjI2LUJyZWFrdGhyb3VnaCUyMEFkdmVydGlzaW5nIiwiYXIiOltdfX0.exoGH8kR3o39kVJPySkCJcdgWVnykvX5uKABr3Yekfw; expires=Mon, 02 Jun 2025 07:11:03 GMT; path=/; secure; SameSite=None
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b25929b2a4b281c7400c874b4edd7ef9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET wearychallengeraise.com/watch.1599200215999.js?key=5975c768713903f76e87b8db7dd0be20&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c%3A1%3A1

192.243.59.12

307 Temporary Redirect

5.0 kB

URL GET
wearychallengeraise.com/watch.1599200215999.js?key=5975c768713903f76e87b8db7dd0be20&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c%3A1%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type

Size
5.0 kB (4958 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1599200215999.js?key=5975c768713903f76e87b8db7dd0be20&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c%3A1%3A1 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Location: https://wearychallengeraise.com/watch.1599200215999.js?dev=e&key=5975c768713903f76e87b8db7dd0be20&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=f6569c5dda924784cb8fe1df4df717f099d034c5e886379dc5c945e01970f1b3c103612f145da4cd8266668dfc25a98d2eeb82dfbbc9fbc094f8e00c7c1185f890de5c56c8d2d89dc6b0e2fdc6d674c16b20d4a41fa4e0e0766c&tz=0&uuid=3e4c4ffe-4e0e-4c6f-8256-1002a959e85c%3A1%3A1
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNTk5NjYzNSwiayI6IjU5NzVjNzY4NzEzOTAzZjc2ZTg3YjhkYjdkZDBiZTIwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQzOTY1LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6MjMsInB0Ijo0LCJwayI6InYxOGNjeHhxc3QiLCJjcGtzIjp7IjI4IjoiNzljZmYzZmZiMTE5ZWU5Mjg5ZjJlN2U1ZmUyYzA0OTgiLCIyOSI6IjgwNjM4ODViZDk5NjEyYWQzNmViNzhiOTYwYzdmNzI0In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uYXRpdmVib29rcGRmLmNvbS9kb3dubG9hZC80OTQwNjI2LUJyZWFrdGhyb3VnaCUyMEFkdmVydGlzaW5nIiwiYXIiOltdfX0.FNR8yAfTPnzq0v1sb6E_cQJKliGV5fXu09EVPdEGR6I; expires=Mon, 02 Jun 2025 07:11:03 GMT; path=/; secure; SameSite=None
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: babb298d1825be8fa54361afcaedda26
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.storageimagedisplay.com/cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png

45.133.44.1

200 OK

119 kB

URL GET
cdn.storageimagedisplay.com/cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
119 kB (118759 bytes)
Hash
72fe477091722c9a5ab9b26117663f22
edf375c273be0ee032792a29121c435678c303a5
7b2a8ad947f5c5ec0e0e4aaabc63cd445b1346e6f03ad5cfc604f1f274bd89a2

HTTP Headers

GET /cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:03 GMT
content-type: image/png
content-length: 118759
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:40:43 GMT
etag: "65cb2b0b-1cfe7"
expires: Wed, 04 Jun 2025 07:10:03 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

104.18.10.207

200 OK

37 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
JavaScript source, ASCII text, with very long lines (32003)
Size
37 kB (36868 bytes)
Hash
c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

HTTP Headers

GET /bootstrap/3.3.6/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"c5b5b2fa19bd66ff23211d9f844e0131"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 03/18/2024 12:50:54
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: da24e1adf05aecf8a8a31c280d083376
cdn-cache: HIT
cf-cache-status: HIT
age: 1655894
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 949520eb58760b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET experttrafficcounter.com/stats

3.223.89.16

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
3.223.89.16:443
ASN
#14618 AMAZON-AES

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
Fingerprint87:3A:58:B8:11:C8:21:51:2F:8A:85:96:EF:A6:96:9E:D9:55:66:56
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
dfdce925895022fd8df590b1620519ec
cdeb396f14c780c9f945030903e5ce43b949108c
32d8951f6e7a29e2fe410e128cad021832bbe9d8f299493e3245d5a6ef1f6574

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nativebookpdf.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5a503d6f-e327-48bd-9c59-f002d3799a6c:1:1; expires=Thu, 31 May 2035 07:10:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg

45.133.44.1

200 OK

87 kB

URL GET
cdn.storageimagedisplay.com/cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:16 15:10:10], progressive, precision 8, 300x250, components 3
Size
87 kB (87019 bytes)
Hash
18c244854d43934c150dd0ca6b68a93b
56638de980812f54155699186dd04b19c29ebfd0
82951572f360d99180c429e813caf341dc5456524cbf0ec4c4f85dc9e4a9c3fa

HTTP Headers

GET /cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:03 GMT
content-type: image/jpeg
content-length: 87019
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:31:21 GMT
etag: "65d222c9-153eb"
expires: Wed, 04 Jun 2025 07:10:03 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 10:03:46 GMT
expires: Fri, 29 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 335179
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fjs%2Fscript.js&l=7172&fd=559

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fjs%2Fscript.js&l=7172&fd=559
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Fjs%2Fscript.js&l=7172&fd=559 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26111397=1; slec8063885bd99612ad36eb78b960c7f724=[5967422]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:05 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 10:03:46 GMT
expires: Fri, 29 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 335179
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET nativebookpdf.com/img/276175_100002024608901_1930244181_q.jpg

104.21.64.1

200 OK

2.6 kB

URL GET
nativebookpdf.com/img/276175_100002024608901_1930244181_q.jpg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 50x50, components 3
Size
2.6 kB (2583 bytes)
Hash
e38f981bce9a2422d89bd67a14867a28
4a75057709512210e404a593f74c57b21869155e
9c778b5e538964b7e2ebc5e9aefe50699f1f68aca195dfef2052ddba3b7e3eac

HTTP Headers

GET /img/276175_100002024608901_1930244181_q.jpg HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: image/jpeg
content-length: 2583
server: cloudflare
last-modified: Fri, 07 Mar 2025 09:50:21 GMT
etag: "a17-62fbd8d0baa5c"
accept-ranges: bytes
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bnU807xD5RRGxFu3Dbd5R0fmyFUUrMTlrI9iK0rjxM8Bpvb6HLxvakzR1k3kA7WgLQxuQG0gURsmUYcd%2BqM2wAgJYm5PF6kJmoWzjw9NwA%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
vary: accept-encoding
cf-ray: 949520ea8af2569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET experttrafficcounter.com/stats

3.223.89.16

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
3.223.89.16:443
ASN
#14618 AMAZON-AES

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
Fingerprint87:3A:58:B8:11:C8:21:51:2F:8A:85:96:EF:A6:96:9E:D9:55:66:56
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
974514ec3bd72cf6efd7d82897c6b575
980fcd38244664e20e21ddee46e2cab0e276a3a7
d4e47685bcc52a55e2d4525caad9e10c50ed9b6f85741508b50e50d7ae8eadf2

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nativebookpdf.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; expires=Thu, 31 May 2035 07:10:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET praystakeinstinct.com/watch.1032219285777.js?dev=e&key=c5bb839ff299c2abad7231d4209b59fa&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=cf524767a896afe3446fbbae00cc46423b1bb196d80751d3f08ea0da7a4a59f77c140b3398a3f41bb35931932710a696fc1037685d926f1279d4afc6b2c6abef2245477c1fd7fc2b9efe169fd1381499d0997b7114e1150f5018&tz=0&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1

192.243.59.12

200 OK

5.0 kB

URL GET
praystakeinstinct.com/watch.1032219285777.js?dev=e&key=c5bb839ff299c2abad7231d4209b59fa&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=cf524767a896afe3446fbbae00cc46423b1bb196d80751d3f08ea0da7a4a59f77c140b3398a3f41bb35931932710a696fc1037685d926f1279d4afc6b2c6abef2245477c1fd7fc2b9efe169fd1381499d0997b7114e1150f5018&tz=0&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectpraystakeinstinct.com
FingerprintEB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
ValidityTue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT

File type
JavaScript source, ASCII text, with very long lines (4094)
Size
5.0 kB (4970 bytes)
Hash
3ef88d2b159bb7dbba4c61797b0c9beb
5eb40ee65f3a578185cde36834557ef150dd160f
65afbf11b9f5ff4c6935e4bce9f62fd36c350577172bbc900e7a744d29b87ab8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1032219285777.js?dev=e&key=c5bb839ff299c2abad7231d4209b59fa&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=cf524767a896afe3446fbbae00cc46423b1bb196d80751d3f08ea0da7a4a59f77c140b3398a3f41bb35931932710a696fc1037685d926f1279d4afc6b2c6abef2245477c1fd7fc2b9efe169fd1381499d0997b7114e1150f5018&tz=0&uuid=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae%3A3%3A1 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
Referer: https://nativebookpdf.com/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI1MDM0NywiayI6IjUxZmY0MTgyYzdkYzM2NGNmMzVkYjEwNzZmNDE1ZTdjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTkzNTg3LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6NSwicHQiOjQsInBrIjoiZmZldGM0Mno1IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25hdGl2ZWJvb2twZGYuY29tL2Rvd25sb2FkLzQ5NDA2MjYtQnJlYWt0aHJvdWdoJTIwQWR2ZXJ0aXNpbmciLCJhciI6W119fQ.zvbqSKMTfCiQQlC2-9DrOc3E6GW3awS3c3MJxotPVBE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; expires=Mon, 09 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
u_pl25946419=1; expires=Tue, 03 Jun 2025 07:10:03 GMT; path=/; secure; SameSite=None
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a2515acfba7875556982828d76c10b50
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Findex.html&l=1249&fd=576

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Findex.html&l=1249&fd=576
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fsweep%2Fdefault%2Fwindows-new%2F2%2Findex.html&l=1249&fd=576 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26111397=1; slec8063885bd99612ad36eb78b960c7f724=[5967422]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:04 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET nativebookpdf.com/source/style.css

104.21.64.1

200 OK

4.5 kB

URL GET
nativebookpdf.com/source/style.css
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
ASCII text
Size
4.5 kB (4484 bytes)
Hash
5bf4887c4eeee2b89f7151a0dc871da9
19c1d4ddee46aa1391b8e7ce9e0b462d1d63965d
17b91be64c5624496118b94861ed6daf7ca040778c3ee2cf6edccd64ba181c50

HTTP Headers

GET /source/style.css HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/css
content-length: 1426
server: cloudflare
last-modified: Fri, 07 Mar 2025 09:50:22 GMT
etag: "1184-62fbd8d0ce2e1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=C1yC4fkUFzBJm%2BNlp1R90RI9QVZ7fDX5qqOpan4cWv8rHDTJuEqgGkyBWluSkoTGEWTQiF3pr%2BI0gpnRqkTa0cZzJPaE7fWQpbaL8OEG8g%3D%3D"}]}
cf-ray: 949520ea5a9f569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nativebookpdf.com/img/27383_100001191353904_1534_q.jpg

104.21.64.1

200 OK

2.4 kB

URL GET
nativebookpdf.com/img/27383_100001191353904_1534_q.jpg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 50x50, components 3
Size
2.4 kB (2383 bytes)
Hash
a5bff2263499c44c8bc5468dac719e2e
7a8f5255409ca351a72a145c23de0c2b080c0071
101befcbf61846282d548eb3417468774594725ce57d085e68f2d868fee46a21

HTTP Headers

GET /img/27383_100001191353904_1534_q.jpg HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: image/jpeg
content-length: 2383
server: cloudflare
last-modified: Fri, 07 Mar 2025 09:50:21 GMT
etag: "94f-62fbd8d0baa5c"
accept-ranges: bytes
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7WepQHG5EqQTNEVjy33O%2B1oASKmgkriwwGGs39y7t5rWJD795bX%2BpmniTsLqI2qIr4pWFS%2BG3k2TVuVpG7BlydnLbxX4J7xnOD25OBuqcw%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
vary: accept-encoding
cf-ray: 949520ea7acf569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nativebookpdf.com/download/SITE_HOST/js/sizzle.js

104.21.64.1

200 OK

26 kB

URL GET
nativebookpdf.com/download/SITE_HOST/js/sizzle.js
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectnativebookpdf.com
FingerprintDE:78:64:01:0A:B6:F7:64:CD:E5:F1:90:EF:35:AA:D4:B5:3E:58:E2
ValidityMon, 05 May 2025 09:40:52 GMT - Sun, 03 Aug 2025 10:39:32 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
26 kB (25981 bytes)
Hash
42d59196d13e717acc1874adc038471b
66850cd4bf8c878d81ba504edffe63724da347eb
69040a7b754856f59a37a334d8848b0e21696aeb435b185dd24512e8df413c70

HTTP Headers

GET /download/SITE_HOST/js/sizzle.js HTTP/1.1
Host: nativebookpdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mPa6Ah6yN%2FTo2An6C90rQ4YS3cReDrqImChWxDJep1CuhkjtUEqAlzUolctPBotHcrbQuAO5u2Im2MKwIPjFJuQp16Z3oFhXvRZcRd3rCg%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Mon, 02 Jun 2025 07:10:01 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 949520eaab17569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET netdna.bootstrapcdn.com/bootstrap/3.0.0/fonts/glyphicons-halflings-regular.woff

104.18.10.207

200 OK

16 kB

URL GET
netdna.bootstrapcdn.com/bootstrap/3.0.0/fonts/glyphicons-halflings-regular.woff
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
Web Open Font Format, TrueType, length 16448, version 1.0
Size
16 kB (16448 bytes)
Hash
7c4cbe928205c888831ba76548563ca3
c707207e52ffe555a36880e9873d146c226e3533
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

HTTP Headers

GET /bootstrap/3.0.0/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:02 GMT
content-type: font/woff
content-length: 16448
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "7c4cbe928205c888831ba76548563ca3"
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 09/09/2023 16:29:37
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: 0db12835c105205cd0a2acc3f13c2a5a
cdn-cache: HIT
cf-cache-status: HIT
age: 5391802
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 949520f089035684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET praystakeinstinct.com/watch.589199063047.js?key=51ff4182c7dc364cf35db1076f415e7c&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=55551621-c3b2-44a1-a025-3ceee4aec45f%3A3%3A1

192.243.59.12

307 Temporary Redirect

5.0 kB

URL GET
praystakeinstinct.com/watch.589199063047.js?key=51ff4182c7dc364cf35db1076f415e7c&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=55551621-c3b2-44a1-a025-3ceee4aec45f%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectpraystakeinstinct.com
FingerprintEB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
ValidityTue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT

File type

Size
5.0 kB (4976 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.589199063047.js?key=51ff4182c7dc364cf35db1076f415e7c&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&tz=0&dev=e&res=14.3095&rb=&uuid=55551621-c3b2-44a1-a025-3ceee4aec45f%3A3%3A1 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nativebookpdf.com
Access-Control-Allow-Origin: https://nativebookpdf.com
Access-Control-Allow-Credentials: true
Location: https://praystakeinstinct.com/watch.589199063047.js?dev=e&key=51ff4182c7dc364cf35db1076f415e7c&kw=%5B%22breakthrough%22%2C%22advertising%22%5D&pst=1748848263&rb=&refer=https%3A%2F%2Fnativebookpdf.com%2Fdownload%2F4940626-Breakthrough%2520Advertising&res=14.3095&rmtc=t&shu=0343dbd377b562f39a403a8259bcbe7d8291a90ab7920d964fb28e48e451e14b8b552a07708c3c80b60d5d855e0379663a9e96938e09d07a85a8ba82d5dd318b46ceebf8ff5eb56793d21c4c6f141adc8362e29f1bf1d66aac19&tz=0&uuid=55551621-c3b2-44a1-a025-3ceee4aec45f%3A3%3A1
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI1MDM0NywiayI6IjUxZmY0MTgyYzdkYzM2NGNmMzVkYjEwNzZmNDE1ZTdjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTkzNTg3LCJwaWQiOjIwMDYzMDEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6NSwicHQiOjQsInBrIjoiZmZldGM0Mno1IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25hdGl2ZWJvb2twZGYuY29tL2Rvd25sb2FkLzQ5NDA2MjYtQnJlYWt0aHJvdWdoJTIwQWR2ZXJ0aXNpbmciLCJhciI6W119fQ.zvbqSKMTfCiQQlC2-9DrOc3E6GW3awS3c3MJxotPVBE; expires=Mon, 02 Jun 2025 07:11:03 GMT; path=/; secure; SameSite=None
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d1b0fc0b3776143e8924c08a773117fd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET balmyrind.com/51ff4182c7dc364cf35db1076f415e7c/invoke.js

192.243.59.12

200 OK

27 kB

URL GET
balmyrind.com/51ff4182c7dc364cf35db1076f415e7c/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectbalmyrind.com
Fingerprint59:46:06:32:49:23:A4:93:33:FE:B3:1D:DC:9F:6E:45:27:52:94:54
ValiditySat, 19 Apr 2025 21:07:05 GMT - Fri, 18 Jul 2025 21:07:04 GMT

File type
JavaScript source, ASCII text, with very long lines (27391), with no line terminators
Size
27 kB (27391 bytes)
Hash
4f42cb70c20e880b4a3114384a78604c
ba454a4f0aca15b8320d13e0a84ed04f33157541
fb61372e7119973c4c700483cb41bb50f1af2d1553bc0c42b0ee241cbb42f277

HTTP Headers

GET /51ff4182c7dc364cf35db1076f415e7c/invoke.js HTTP/1.1
Host: balmyrind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:02 GMT
Content-Type: application/javascript
Content-Length: 11521
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: balmyrind.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 85799fe93266338d3c2486962d30d621
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.googletagmanager.com/gtag/js?id=G-GHQ1VYP4VS

142.250.178.40

200 OK

329 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-GHQ1VYP4VS
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6125)
Size
329 kB (329347 bytes)
Hash
e27031716b4fc0b76d76d74e53e960bd
bfad427aa5da41811fd463aae1cc19777beda54d
18323112cbb350e92b32a238c6cfd4f841585cb21f70d7ad920feb31925b21f9

HTTP Headers

GET /gtag/js?id=G-GHQ1VYP4VS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 02 Jun 2025 07:10:01 GMT
expires: Mon, 02 Jun 2025 07:10:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 115905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET unseenreport.com/pxf.gif?uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=79cff3ffb119ee9289f2e7e5fe2c0498&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7

192.243.61.227

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=79cff3ffb119ee9289f2e7e5fe2c0498&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5a503d6f-e327-48bd-9c59-f002d3799a6c&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=79cff3ffb119ee9289f2e7e5fe2c0498&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e264b2fde99ad94ff7d0f6e221e6544d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.show-sb.com/sb/notifications/sweep/default/windows-new/2/index.html

172.67.170.115

200 OK

1.2 kB

URL GET
cdn.show-sb.com/sb/notifications/sweep/default/windows-new/2/index.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint1D:98:CF:D5:11:E1:60:97:76:85:27:F9:55:AF:5E:13:60:3F:67:B7
ValidityMon, 14 Apr 2025 03:51:48 GMT - Sun, 13 Jul 2025 04:50:09 GMT

File type
HTML document, ASCII text
Size
1.2 kB (1249 bytes)
Hash
31bc6165edef156192bda3533537a57e
78db84e9591f1f31bff4f03314e4e4e0142b8395
880c411bd200472c3e6ce22f26c8123bc2147e34af6138e40c5eba1f6ab51e83

HTTP Headers

GET /sb/notifications/sweep/default/windows-new/2/index.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:04 GMT
content-type: text/html
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:20:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2toZCg5EQwEGo38JbIYFppXgCfY%2B1KaCo6wgtwAvql2XslEolo%2BrdbzNnM8N%2BUE5zjFxqt8e3QMmInKLdAKEMGDjHXNRyscxFbf%2BzfQ%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 949520fc4c6b5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skVRd9lczq-2DEQdwMI71woWA61V3VP8phHBzHSDAmcWYki1m9V-9V55lX9Wreq-rq9MZgYJiVtBtxI1ROJxMcB1FwOyAddwHBdpXFZOM_IAiDS-lOQ-td3HtPnVtw7rnv4UF-Tnzk9GzzI92XStHlRtWtvLElE64LW1m_V6m5Vfd6ZUsmTf96pTdJpvt2zfOr7puVD0S4o5frbs11a26tsiKNiHRvecpCpk-DWjVwq369Wmv46Jn_Yps7sNQB756TK5B8_NIf0X3IcIQk_uG2sDuZTt96P84VzbRBlx9_kuwkukgQz9vIOIiS49k0tB0T8vUCdHI82wC6ezjZAEyOycKrz8GS45lMsO7RhVKmIBIw_n8U3RGEGkHSEUK9D8l_I0DIsb6BJH68rk1Bdy9YOmHH5NKLvyCLMbn0_BUk8fe3lOxV7mqVZ1InFr2ohOyNIDsjpPkJsv4CZHGCMPsckv9Kll-sIYkPN6zSkPzsddrmLq1Rb4k3PH_JdxlfCto0XKoHgUtbQtAGFVOLZDSCEgNQu4jcOsilgzxykKcOYn5W8d22H9ao14wCHrZcn_o-F8wN2nXXpUHYQh5O9A-QpQOEaoDQ7CE1e9iRA5j8Z9jtEpYvwGZj4ny8hy4vUQiCwhIUlKCQBEVGUHTLI65s3ZaPubI5q81qfVa9cqizzgE90llHJATUDGB4eSjTB3YfYbY47EeWD_UkUZaVQ8p4eZCek5cn9jpfxEfYEWeVttv02u0G40HQrNUp95qCtdosaLphK2rVfVhZQtoFUOugL8fkxk_PkMoxee2ba2D0BFadIJRXQfNroEUJul2inzxhwmYPqjKJNLgukWaXkO06B-qcXJ2e9_7ldyDC05t_kmkgNCVSU-JT-QtBRz0a3tEFObyjC0t-3EgzGcs-nZz-bkYzsfjkQ7FbaMNXb9vBt--GE2LSPr0nbLZGEy6TjiXf3ZKcC7OiTSjIs1W7Jdhmbrdv5SbJ07XN91ZW49QIa6VORqByTP7HP0Mox-TK35enz9p7-BWkGcHkJeL8lMwCUp8gTPdg07l-qwmMms-w1EGRl0NTZ_OPShIoMceUlbD_wmzeDw2d_E1leWAfoWMc0GwfSVyia0p0VQmqBrD54jBLzenN371pgClnyJRxDpky6ssLm608qzTqzGu2200RNXnkca_u8aDhisCnQdMP_AYyO96-sb72TwAAAP__u9ZWcLgEAAA=

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skVRd9lczq-2DEQdwMI71woWA61V3VP8phHBzHSDAmcWYki1m9V-9V55lX9Wreq-rq9MZgYJiVtBtxI1ROJxMcB1FwOyAddwHBdpXFZOM_IAiDS-lOQ-td3HtPnVtw7rnv4UF-Tnzk9GzzI92XStHlRtWtvLElE64LW1m_V6m5Vfd6ZUsmTf96pTdJpvt2zfOr7puVD0S4o5frbs11a26tsiKNiHRvecpCpk-DWjVwq369Wmv46Jn_Yps7sNQB756TK5B8_NIf0X3IcIQk_uG2sDuZTt96P84VzbRBlx9_kuwkukgQz9vIOIiS49k0tB0T8vUCdHI82wC6ezjZAEyOycKrz8GS45lMsO7RhVKmIBIw_n8U3RGEGkHSEUK9D8l_I0DIsb6BJH68rk1Bdy9YOmHH5NKLvyCLMbn0_BUk8fe3lOxV7mqVZ1InFr2ohOyNIDsjpPkJsv4CZHGCMPsckv9Kll-sIYkPN6zSkPzsddrmLq1Rb4k3PH_JdxlfCto0XKoHgUtbQtAGFVOLZDSCEgNQu4jcOsilgzxykKcOYn5W8d22H9ao14wCHrZcn_o-F8wN2nXXpUHYQh5O9A-QpQOEaoDQ7CE1e9iRA5j8Z9jtEpYvwGZj4ny8hy4vUQiCwhIUlKCQBEVGUHTLI65s3ZaPubI5q81qfVa9cqizzgE90llHJATUDGB4eSjTB3YfYbY47EeWD_UkUZaVQ8p4eZCek5cn9jpfxEfYEWeVttv02u0G40HQrNUp95qCtdosaLphK2rVfVhZQtoFUOugL8fkxk_PkMoxee2ba2D0BFadIJRXQfNroEUJul2inzxhwmYPqjKJNLgukWaXkO06B-qcXJ2e9_7ldyDC05t_kmkgNCVSU-JT-QtBRz0a3tEFObyjC0t-3EgzGcs-nZz-bkYzsfjkQ7FbaMNXb9vBt--GE2LSPr0nbLZGEy6TjiXf3ZKcC7OiTSjIs1W7Jdhmbrdv5SbJ07XN91ZW49QIa6VORqByTP7HP0Mox-TK35enz9p7-BWkGcHkJeL8lMwCUp8gTPdg07l-qwmMms-w1EGRl0NTZ_OPShIoMceUlbD_wmzeDw2d_E1leWAfoWMc0GwfSVyia0p0VQmqBrD54jBLzenN371pgClnyJRxDpky6ssLm608qzTqzGu2200RNXnkca_u8aDhisCnQdMP_AYyO96-sb72TwAAAP__u9ZWcLgEAAA=
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skVRd9lczq-2DEQdwMI71woWA61V3VP8phHBzHSDAmcWYki1m9V-9V55lX9Wreq-rq9MZgYJiVtBtxI1ROJxMcB1FwOyAddwHBdpXFZOM_IAiDS-lOQ-td3HtPnVtw7rnv4UF-Tnzk9GzzI92XStHlRtWtvLElE64LW1m_V6m5Vfd6ZUsmTf96pTdJpvt2zfOr7puVD0S4o5frbs11a26tsiKNiHRvecpCpk-DWjVwq369Wmv46Jn_Yps7sNQB756TK5B8_NIf0X3IcIQk_uG2sDuZTt96P84VzbRBlx9_kuwkukgQz9vIOIiS49k0tB0T8vUCdHI82wC6ezjZAEyOycKrz8GS45lMsO7RhVKmIBIw_n8U3RGEGkHSEUK9D8l_I0DIsb6BJH68rk1Bdy9YOmHH5NKLvyCLMbn0_BUk8fe3lOxV7mqVZ1InFr2ohOyNIDsjpPkJsv4CZHGCMPsckv9Kll-sIYkPN6zSkPzsddrmLq1Rb4k3PH_JdxlfCto0XKoHgUtbQtAGFVOLZDSCEgNQu4jcOsilgzxykKcOYn5W8d22H9ao14wCHrZcn_o-F8wN2nXXpUHYQh5O9A-QpQOEaoDQ7CE1e9iRA5j8Z9jtEpYvwGZj4ny8hy4vUQiCwhIUlKCQBEVGUHTLI65s3ZaPubI5q81qfVa9cqizzgE90llHJATUDGB4eSjTB3YfYbY47EeWD_UkUZaVQ8p4eZCek5cn9jpfxEfYEWeVttv02u0G40HQrNUp95qCtdosaLphK2rVfVhZQtoFUOugL8fkxk_PkMoxee2ba2D0BFadIJRXQfNroEUJul2inzxhwmYPqjKJNLgukWaXkO06B-qcXJ2e9_7ldyDC05t_kmkgNCVSU-JT-QtBRz0a3tEFObyjC0t-3EgzGcs-nZz-bkYzsfjkQ7FbaMNXb9vBt--GE2LSPr0nbLZGEy6TjiXf3ZKcC7OiTSjIs1W7Jdhmbrdv5SbJ07XN91ZW49QIa6VORqByTP7HP0Mox-TK35enz9p7-BWkGcHkJeL8lMwCUp8gTPdg07l-qwmMms-w1EGRl0NTZ_OPShIoMceUlbD_wmzeDw2d_E1leWAfoWMc0GwfSVyia0p0VQmqBrD54jBLzenN371pgClnyJRxDpky6ssLm608qzTqzGu2200RNXnkca_u8aDhisCnQdMP_AYyO96-sb72TwAAAP__u9ZWcLgEAAA= HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Cookie: uid_id2=a8d0a1a3-d534-40bd-98ac-2990a7eea5ae:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26111397=1; slec8063885bd99612ad36eb78b960c7f724=[5967422]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Jun 2025 07:10:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 43a3299f7741d65b6d056d579fd5c427
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css

104.17.25.14

200 OK

34 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
ASCII text, with very long lines (33960)
Size
34 kB (33961 bytes)
Hash
1c7783936db99706c52edb52174b0d86
f9dfb9d7cf68cb78a5e1619cfa3e3ef361879db0
d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9

HTTP Headers

GET /ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nativebookpdf.com
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 07:10:01 GMT
content-type: text/css; charset=utf-8
content-length: 1482
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 949520eadc6ab529-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ee0cbd8-84a9"
last-modified: Wed, 10 Jun 2020 12:02:32 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1002908
expires: Sat, 23 May 2026 07:10:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLdX5O7LPFMSKMGq1oPgJ7eJ3xWWcpgcAIO5TaOCyiJ4WW26hr0CaOuUZ64MwfmP7D5NEWI%2BxXR6sc26ifcZcbYccuYRxtntU1gGREIE4h34s7JFWfklrGdnjDlagCk3cqFe6LlY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET wearychallengeraise.com/80/63/88/8063885bd99612ad36eb78b960c7f724.js

192.243.59.12

200 OK

65 kB

URL GET
wearychallengeraise.com/80/63/88/8063885bd99612ad36eb78b960c7f724.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nativebookpdf.com/download/4940626-Breakthrough%20Advertising
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type
JavaScript source, ASCII text, with very long lines (64931), with no line terminators
Size
65 kB (64931 bytes)
Hash
eede68af935f2876c8ac0666fb8e7f9a
2115d42cd16eb4c928ae9a1d17ecc0cb82b3dc0a
f2cadc0785edfaf1834068078242d3b52f66780115b47e17e41d41e17eb7fef7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /80/63/88/8063885bd99612ad36eb78b960c7f724.js HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nativebookpdf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 02 Jun 2025 07:10:02 GMT
Content-Type: application/javascript
Content-Length: 23631
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f736e1f32cdf65582b0cc7154b4465d7
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML