Report - go.bluelinknow.com/t/clk?id=rxHwLpLtYnu0M6hq&s1=647363191b0b60000171b100&s2=81c67238&s8=

Report Overview

Submitted URL
go.bluelinknow.com/t/clk?id=rxHwLpLtYnu0M6hq&s1=647363191b0b60000171b100&s2=81c67238&s8=
IP
52.3.35.175
ASN
#14618 AMAZON-AES
Submitted
2023-05-28 14:20:39
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.content-loads.com	unknown	2022-06-04	2022-06-05	2023-05-28	7.5 kB	723 kB	104.26.9.128
secureanalytic.com	13422	2019-05-02	2015-12-31	2023-05-28	447 B	3.7 kB	172.64.128.12
event.secureanalytic.com	30491	2019-05-02	2021-07-14	2023-05-28	529 B	1.6 kB	172.64.128.12
get-booksnow.com	unknown	2023-05-22	2023-05-22	2023-05-28	2.4 kB	70 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-28	452 B	9.1 kB	142.250.74.106
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-28	340 B	944 B	54.230.80.227
go.bluelinknow.com	unknown	2021-03-08	2021-07-12	2023-05-28	544 B	761 B	34.226.82.85

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-05-28	medium	get-booksnow.com/lead/prefill

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-28	medium	get-booksnow.com
2023-05-28	medium	get-booksnow.com

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=	53 kB	2023-05-10	2023-06-03
Pretty URL get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 08:46:20 Last Seen2023-06-03 23:44:36 Times Seen41 Hash ec74ac1f8b509a9c56dc7b5945a18313 37c19aa170b4ee2a47943de90faeb1d4cd01afbb 32e37ee0f3df81f4c52383971583bc0d7fe51975b86ac8dcf0db79d2b48737c2 Loading...

	secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com	7.4 kB	2023-05-23	2023-07-01
Pretty URL secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com IP 172.64.128.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 22:14:15 Last Seen2023-07-01 19:16:48 Times Seen106 Hash 7a2e21065e05ac8b55c236b9e55d0c7e 271d62306e25824e1fe2041f97fd802aa6090ebc 4fe8bb210e9722eac6b288b9e80adbc2f2f1a8e174ed498934846412db04446c Loading...

	cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js	520 kB	2023-03-07	2023-09-16
Pretty URL cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js IP 104.26.9.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:53 Last Seen2023-09-16 19:20:39 Times Seen498 Hash 6006858cfd4c396a31a8d95f1fa68b0a 7f29df7d9050fbf512a136e46a9d568cc2a42951 6e654ebb898c8c46e71a40bda430b69e4c2d402e4dd336d1bbea37a677ea9e4a Loading...

	cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js	213 B	2023-03-12	2024-03-24
Pretty URL cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js IP 104.26.9.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:31:43 Last Seen2024-03-24 01:00:26 Times Seen373 Hash d3f41fa37fd73a2d6994ed4cb74ab103 dc3a21ae0bbf1c7e9211ea659b0b49517ff0f9b9 24fb42315d0ae1815b03842655cb8c712a1237ebaa3e93b14997704e4bdca2e2 Loading...

	get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=	428 B	2023-05-28	2023-05-28
Pretty URL get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-28 16:20:39 Last Seen2023-05-28 16:20:39 Times Seen1 Hash 1248092564f8eedfcfaacd5654cf7ae9 c90200b6d437d09eb04cdd1a58d46c2746454491 ca8f6801a45d51a73196c0b172532602d78f3dc601e1f8dc8c730984788358ac Loading...

	cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js	48 kB	2023-05-25	2023-06-27
Pretty URL cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js IP 104.26.9.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 19:31:48 Last Seen2023-06-27 20:40:33 Times Seen224 Hash 98a573651d8ed656278bde024edae5ed 7ab07f7e47391a544ba4e272e2f867f8fd23bdae 281dcbb9b8bacb9502b78fa3dc69b7e1282757b645d495a5ebc09ccf8e2611d0 Loading...

	get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=	1.4 kB	2023-03-07	2023-12-17
Pretty URL get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:48:53 Last Seen2023-12-17 22:27:55 Times Seen79 Hash 0d9a760d7532ca55229bfcb64f0566cc 275bc94c02e1acbb2a82e1af8eaf1ad7c8f21d0a cf3db841d61c6bfd3c1d0cbd53a42103fa952d85e2d81abbc5e1aded76fa9442 Loading...

	get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=	542 B	2023-03-07	2024-03-24
Pretty URL get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:48:53 Last Seen2024-03-24 01:00:26 Times Seen529 Hash 2878eea34ecd1bcff175ecd73f4c0eea 2e69be47859c2496f178950cd25f668b41e18167 14630d12211d09130f90b452aaa27d07ea6dbe73584e8529cdff9a3f40495a93 Loading...

	get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=	246 B	2023-03-07	2024-03-24
Pretty URL get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:48:53 Last Seen2024-03-24 01:00:26 Times Seen528 Hash 6211245c2e190e164fbc2beab42fde6b 073ee461a80c355706c32609b3ae45e8f2571453 3059d689779a9543212f00bb46608e519d2c6a2d049521207f0c0bc43627a848 Loading...

	get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=	303 B	2023-05-13	2023-06-03
Pretty URL get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-13 12:33:17 Last Seen2023-06-03 23:09:05 Times Seen5 Hash 49fe334782cf17e61cc56ae2ed880f5b b44a063f3938de89951d2f63db88745fb1efae40 66afb47eaa1daaf704ff084658d22e56b9cdbf04ea6a7233c4c2a000905af037 Loading...

HTTP Transactions (22)

URL IP Response Size

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e278f7b921f91f5b8ba323949cec1a75
580ee3a1a0b9dbf7325eef840ab0c89e364a7032
a46bfb0fd2fa124ae4b76136b64fe9713ca2969fc25ba0635cc2c244f44a735e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:20:21 GMT
Last-Modified: Sun, 28 May 2023 14:03:14 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jHzyYD99IVg3NELeD9msS41OmNhmyvo6GSADKk8YIfLh1oHhoXTH-Q==
Age: 1027

go.bluelinknow.com/t/clk?id=rxHwLpLtYnu0M6hq&s1=647363191b0b60000171b100&s2=81c67238&s8=

34.226.82.85

302 Found

0 B

URL User Request GET HTTP/2
go.bluelinknow.com/t/clk?id=rxHwLpLtYnu0M6hq&s1=647363191b0b60000171b100&s2=81c67238&s8=
IP
34.226.82.85:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.redlinknow.com
Fingerprint5F:68:F5:F1:60:F9:C1:7A:F3:D9:54:6E:6D:40:2C:38:13:45:2B:24
ValidityThu, 23 Feb 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/clk?id=rxHwLpLtYnu0M6hq&s1=647363191b0b60000171b100&s2=81c67238&s8= HTTP/1.1
Host: go.bluelinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 28 May 2023 14:20:21 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Cookie, Origin
set-cookie: uip="[\"UeH0oOccJy\"\054 {\"KbRV\": \"lPPBjQQ\"}]:1q3HFt:TSg6yfDDJR2yu3PJiW2Kjo1uRvw"; expires=Tue, 27 Jun 2023 14:20:21 GMT; Max-Age=2592000; Path=/
ydt_a31a0322edef4efaa328c3e667d70925="[\"b320c891-9a0f-48c3-a993-01abebb8790f\"]:1q3HFt:pUgk1WqmJ8UHhFVlekX1MEg4gAY"; expires=Tue, 27 Jun 2023 16:20:21 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/e94acaa4a4639e77543b9035a1bb9771.png

104.26.9.128

200 OK

1.5 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/e94acaa4a4639e77543b9035a1bb9771.png
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 111 x 75, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1538 bytes)
Hash
e94acaa4a4639e77543b9035a1bb9771
03a7c168585cf5ff29784d4c042041a78fa39ea1
244d6c76eb4b51de3683b616dfc37e268c988366e7acd9fadd8aa18305ffd88a

HTTP Headers

GET /prod/landings/nb_no/unlock-content-now/images/e94acaa4a4639e77543b9035a1bb9771.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: image/png
content-length: 1538
last-modified: Wed, 26 Oct 2022 14:16:18 GMT
etag: "63594132-602"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3586
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7B9FPX2C2N6vp5DJkdIu0EntEY9TrdXz8yVqbwz1cNG6aIJ1wa%2F0E3UqSe4gC90%2Fs39FbxMTtYOdmHsRxOhh6UTc5ONxTlffK9sQYWq%2BR2wETT0bQkUK%2BAT4a1NKgYH8F88gvxYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bcac0b518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-success-img.png

104.26.9.128

200 OK

5.5 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-success-img.png
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 225 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5532 bytes)
Hash
d4e9852797d8344d7cf548f0e995b3f9
24d735802263b5a4e213808f063768c2cab64526
df5b88dcdde24064831192cf91da1261929edd43ccd2109c9f48a657b6347dca

HTTP Headers

GET /prod/landings/assets/layout28/layout28/images/common/card-success-img.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: image/png
content-length: 5532
last-modified: Mon, 15 May 2023 11:28:25 GMT
etag: "64621759-159c"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vr%2Bw%2B2hi0kM5FUIfHUaFfBdrePO0jGySZ6K2IzU7l6dqcFkygpVTy7knYdAllOnR8FrmgZdkmli0QL%2BzEJ5cMLMJXrwDjV4t%2BUNndl340vCPf8dLSN9P00pnpeJCtXANujZknvyIow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bcac1b518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png

104.26.9.128

200 OK

9.2 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9232 bytes)
Hash
f4a32eb2e5f203dab4882f7b7581b06e
8d51933205a3ed27c2c6bd0182142d6f8432d929
83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e

HTTP Headers

GET /prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: image/png
content-length: 9232
last-modified: Wed, 26 Oct 2022 14:16:18 GMT
etag: "63594132-2410"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3586
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bc6BKdg9DUNAcuolWjQ%2FIEHEXgzTWKpnE0%2FCaN2Wc4X6P18P1SVUP6wtJD%2B8o2rKnL6Rx5g4h4H3OeEOhFY8EtpmS%2BsZFlH4ubPcDjUZ%2FOFLrbrLz6uyZCteKytJ7kSOWIlDAuezXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bcabfb518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-declined-img.png

104.26.9.128

200 OK

5.6 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/card-declined-img.png
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 225 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5580 bytes)
Hash
78b2d1575168ed90d031a3dca86563ca
b1b24b07ae83ec93b2e0f224973053abaa8c7acc
a8b45a0089c9ee6f6e4afd93b2468f0e2b6e970d02745747ebc93440e6baacc1

HTTP Headers

GET /prod/landings/assets/layout28/layout28/images/common/card-declined-img.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: image/png
content-length: 5580
last-modified: Mon, 15 May 2023 11:28:25 GMT
etag: "64621759-15cc"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGbbxOPLxAlqm7pSUpDlBep%2FAEF%2BR2OAL3pSSGS%2B6t2xNLqmL1Le10%2F8ZDBee8UftPvsORI2eCtL1eNP4k6ZbGuwHn3fGvt4G38p5GJuKPzJw2RqOCZnzjI%2BYO6%2BJHBhfcMk2OBvrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bcac3b518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/email-existed-img.png

104.26.9.128

200 OK

6.0 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/images/common/email-existed-img.png
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 225 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (6014 bytes)
Hash
51655898e6c2520a08a65e0eef729ea5
d05f1470dca9a5ef27bfa1f78db4b8ec569d9047
8f1ad81b346d3ee6d36229c7542e9bbd051e58de0c434b7f97cd01bddcd9d678

HTTP Headers

GET /prod/landings/assets/layout28/layout28/images/common/email-existed-img.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: image/png
content-length: 6014
last-modified: Mon, 15 May 2023 11:28:25 GMT
etag: "64621759-177e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x73653Lr4Scf6FYgIVkDpHbb%2FASFYb1XJqcqokl8o4Ri4gyMHwCkTMz2ZsPjENP9zln2rTIqMv9QHIssWSaXO7HgFSEAD7Ph%2B%2BcEGMXcJEV3Ty6L0HRgDDdSi9g1SCoxJKFml7srXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bdac8b518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css

104.26.9.128

200 OK

2.7 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10341), with no line terminators
Size
2.7 kB (2688 bytes)
Hash
14f4c0a782ff9168b6227eae3dc84a7c
99e95a13d6e88454aad7220e40624d4e03a76d4b
1eaee480993414a7e5efd302d2ba98922b0d8e7372c8484dcfa7b25094290fe9

HTTP Headers

GET /prod/landings/assets/layout28/layout28/styles/brands/unlimited-soft.css HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=12876
etag: W/"64621759-324c"
last-modified: Mon, 15 May 2023 11:28:25 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE8Gp8fGlRNJcSjf5AXO351NhKLMEI%2FsnkeLRwX76Jg4gxtFibA7a%2FsdgSW6IcXSOHB2mvJvbFCIRMLVO2YpA8B939lF5%2BJF17AGHz8rpbCrtZc0j%2FHall1zq42Lok3Vr6V59k2ytQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bdaceb518-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/layout/layout.css

104.26.9.128

200 OK

4.3 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/layout/layout.css
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17127), with no line terminators
Size
4.3 kB (4323 bytes)
Hash
6932a277e3f07190fc62f6ac753ff531
b873571caca4fab4446fb33cd8ecde960e2d8d4e
4fc50938e4bef1d68564cc70be5cbdcf83999fe2b6a53a7e7d10c1f287702212

HTTP Headers

GET /prod/landings/assets/layout28/layout28/styles/layout/layout.css HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=22385
etag: W/"64621759-5771"
last-modified: Mon, 15 May 2023 11:28:25 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMeo1JLyGb0Wbj8lobE%2F42fkylgzJyJhsRMHOX4lEgsCexcgi8LJzwPKbWcWb89sfI6i3BPqFy24MdjIm5RsnBp%2BgPpQtTNefS5I2a2Ta3pdG%2BTtEeoTP916lUEabejI6qyF%2FiT6Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bdacbb518-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-600.woff2

104.26.9.128

200 OK

8.0 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-600.woff2
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7988, version 1.0\012- data
Size
8.0 kB (7988 bytes)
Hash
087457026965f98466618a478c4b1b07
00b024ccb35e3694de662d180d6ea7f56de6d654
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

HTTP Headers

GET /prod/landings/assets/layout28/layout28/fonts/poppins/poppins-600.woff2 HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.content-loads.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:22 GMT
content-type: application/octet-stream
content-length: 7988
last-modified: Mon, 15 May 2023 11:28:25 GMT
etag: "64621759-1f34"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6406
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AnNs%2BMqOBQPfS%2BMNOT3MYb%2FXQbRvohnB5Ox0ggRTwrInq0sbwjNBomhgDfopYgb4ulaqHD8AovD9077c3SiYR6cxGsBbSDK9xIiZNdv97HpTV1bcFx56IghJCo0AqtkoLyX%2FBPuqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234f0fbfb518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-regular.woff2

104.26.9.128

200 OK

7.9 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/fonts/poppins/poppins-regular.woff2
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

HTTP Headers

GET /prod/landings/assets/layout28/layout28/fonts/poppins/poppins-regular.woff2 HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.content-loads.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:22 GMT
content-type: application/octet-stream
content-length: 7900
last-modified: Mon, 15 May 2023 11:28:25 GMT
etag: "64621759-1edc"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6406
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rlLtrddnX2YCB3N%2FIS4usyb7UdK37NR8i2S3KrpuLO2Nhp7DTobhI6jq2GexvE13elk5Y2LFolZkWrSpstbcIX66Kp3AIfxX%2Bb9UInytI2IgDPCcV52hNSXPMe6kczUzw5dgh8ucw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234f0fc7b518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png

104.26.9.128

200 OK

9.2 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9232 bytes)
Hash
f4a32eb2e5f203dab4882f7b7581b06e
8d51933205a3ed27c2c6bd0182142d6f8432d929
83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e

HTTP Headers

GET /prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:22 GMT
content-type: image/png
content-length: 9232
last-modified: Wed, 26 Oct 2022 14:16:18 GMT
etag: "63594132-2410"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfN5Jv1fBawb22Nf43DwJmKCK7hxGmotGcgZ18AHhixRkwE9nnfuAswKwLz1%2FP1CHmZGK8MIduSaAtr%2BxJaVWU0QK2ZzWQen2OC7Za7dosm9KIkNGrSgQp15B0bIEWbZaDKL%2FQ1H%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce72350da79b518-OSL
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png

104.26.9.128

200 OK

9.2 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9232 bytes)
Hash
f4a32eb2e5f203dab4882f7b7581b06e
8d51933205a3ed27c2c6bd0182142d6f8432d929
83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e

HTTP Headers

GET /prod/landings/nb_no/unlock-content-now/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:22 GMT
content-type: image/png
content-length: 9232
last-modified: Wed, 26 Oct 2022 14:16:18 GMT
etag: "63594132-2410"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzOrOjox69dZd2FI%2BxKbzma0d1AMW4Ad%2FwUp0WivVlXwUojfh7fkqitS9vZWbvZCsbFppQ6SwxEdr5dZATORFqUA5h0l%2FdtQhbrMO4TV%2B8GISILhDxPt7Gplxhpt%2F2%2FhcNLE%2BE8NSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce72350da7fb518-OSL
X-Firefox-Spdy: h2

secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com

172.64.128.12

200 OK

2.3 kB

URL GET HTTP/2
secureanalytic.com/scripts/push/script/02eyoyxdkz?url=get-booksnow.com
IP
172.64.128.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerLet's Encrypt
Subject*.secureanalytic.com
FingerprintB7:04:3F:D4:BC:B4:6B:22:D9:A1:F2:0F:CB:58:26:1F:FB:99:71:E8
ValidityMon, 10 Apr 2023 04:24:52 GMT - Sun, 09 Jul 2023 04:24:51 GMT

File type
ASCII text, with very long lines (7353)
Size
2.3 kB (2325 bytes)
Hash
7a2e21065e05ac8b55c236b9e55d0c7e
271d62306e25824e1fe2041f97fd802aa6090ebc
4fe8bb210e9722eac6b288b9e80adbc2f2f1a8e174ed498934846412db04446c

HTTP Headers

GET /scripts/push/script/02eyoyxdkz?url=get-booksnow.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:22 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: HIT
age: 7026
last-modified: Sun, 28 May 2023 12:23:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6n5oA2u2o6sxDHSOZa2iO3UrSj%2FItwFN%2FzCIAFwW6NooF6ll1KA3Tvl%2B9aJdD1CoumLCJSNsHzJXrPfMU1MysTt3boLl78R9K4eiSjsugOwALiVTzJKm04XYlapQ6mzq2%2BDmgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce7234f9c6cd16c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

event.secureanalytic.com/register/event_log/w6g0q907e9

172.64.128.12

200 OK

0 B

URL POST HTTP/2
event.secureanalytic.com/register/event_log/w6g0q907e9
IP
172.64.128.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerLet's Encrypt
Subject*.secureanalytic.com
FingerprintB7:04:3F:D4:BC:B4:6B:22:D9:A1:F2:0F:CB:58:26:1F:FB:99:71:E8
ValidityMon, 10 Apr 2023 04:24:52 GMT - Sun, 09 Jul 2023 04:24:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /register/event_log/w6g0q907e9 HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://get-booksnow.com/
Content-type: application/json
Content-Length: 103
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:22 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params: 
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://get-booksnow.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJnZjYKxrWrTCZ55oZV4be8qwCD9CpI15RFuq8bXsy2cJLZnhPjJIsABi2%2B%2F4KrwT7SQYLFzVRlAQmeOabr68A3loypG%2BcwAmWAGXF36%2FcZbA1BYbP%2FG3zGEqSwXyOxhhxYT1i%2BIVrtVYPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce72351689f24e6-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/main/styles.css

104.26.9.128

200 OK

75 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/styles/main/styles.css
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65328)
Size
75 kB (74798 bytes)
Hash
baddaf70bd6882c3686cc7a56c39d9fa
1f59bcf33a3a1a1b261aae82df88df442519b27d
e3e16c2155413ea674b0dc5c15ff92ef57aba3abfa0ea34673e7cf4c33d12647

HTTP Headers

GET /prod/landings/assets/layout28/layout28/styles/main/styles.css HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=96829
etag: W/"64621759-17a3d"
last-modified: Mon, 15 May 2023 11:28:25 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjNDZ5ERP7sun2R%2FnIjFs45oIqejZcxUiYDFzG3Kgv%2FnhmfdmDNTWmTjN25n8cSw0Z4j8gBUlfEJQ7x6XnioLtt%2B17CvVSCrzWPGLhLec5Sp5zaLYPrUwt9%2FtvuBgSvI3IqPSNHTDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bcabeb518-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js

104.26.9.128

200 OK

520 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/common/common/dist/vendors.js
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type

Size
520 kB (519854 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /prod/landings/assets/common/common/dist/vendors.js HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=519858
etag: W/"6470c5c6-7eeb2"
last-modified: Fri, 26 May 2023 14:44:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3877
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvYgU6JfNaILCGnYRPDCtryQU7AFh96blAU9jqDGpVqgnzWMQEkQD3zWxefQDeRvw0Cov4zOK815MMl9OJBHHCOljkAA%2FA4thF2yJmzzBuc7NUfvO3%2F1jZgctpuBFzUYD%2FWHIZbl1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bdad0b518-OSL
content-encoding: br
X-Firefox-Spdy: h2

get-booksnow.com/lead/prefill

188.114.96.1

200 OK

64 B

URL POST HTTP/3
get-booksnow.com/lead/prefill
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerGoogle Trust Services LLC
Subjectget-booksnow.com
FingerprintD3:F2:00:5F:1A:56:F7:60:DA:74:17:49:41:5B:22:78:76:23:1D:9C
ValidityMon, 22 May 2023 08:55:00 GMT - Sun, 20 Aug 2023 08:54:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
0a00dc476383c35bcfbc0ea44c3a60ea
36ebdfa0bfa4aa0ec8f4d7417d2112bae7d406db
819bd596583bc3bc638b2fa8d87d80b16551a1d68abb86261795db848cc226d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

POST /lead/prefill HTTP/1.1
Host: get-booksnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg4OVFJWDRAFVFRTAQEHUFc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI4OTU0NTUiLCJhcCI6IjUzNTkwNzUzNyIsImlkIjoiODYyMGFjZWI0NGJhNTQzZCIsInRyIjoiZDNjNTdkMGFmYTg2NDdiMjY4NjFjNWZkMjI4Y2Q0MDAiLCJ0aSI6MTY4NTI4MzYyMjAzNH19
traceparent: 00-d3c57d0afa8647b26861c5fd228cd400-8620aceb44ba543d-01
tracestate: 2895455@nr=0-1-2895455-535907537-8620aceb44ba543d----1685283622034
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
sentry-trace: 7953293ed62b481ea5b0940d91d1c479-ac13f02163cd99a8-0
Content-Length: 65
Origin: https://get-booksnow.com
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Cookie: product=0e3982bd1559d08e8610f056adf761fde2bcc64dca58a4af5e6a8c0c5056df52a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22product%22%3Bi%3A1%3Ba%3A1%3A%7Bs%3A9%3A%22productId%22%3Bi%3A1%3B%7D%7D; visitInfo::6591=ddc6fce2ddf343d2afc57c259e7d8bc9d099afbb879c4a26c80518ab24136ce5a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6591%22%3Bi%3A1%3Ba%3A4%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22ebd780b4e8862e2b6d75a201465f156b%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2281c67238%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b320c891-9a0f-48c3-a993-01abebb8790f%22%3B%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 28 May 2023 14:20:22 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r4fiGM7mRu7Dp5DC30IkZFeaRtSduebI4XfIKpdxub8jdz%2FubDVXxZ6MxwQLYjBCZYs1hEynZnvUjHEd0bi9%2BMv0VEfqWQIRYdyuAKImpwWNbUbnvzZ9wI0CezrQirTXCS6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce7234fb8c1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js

104.26.9.128

200 OK

213 B

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/layout28/layout28/js/scripts.js
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
213 B (213 bytes)
Hash
1685abab05914f7a17388aedbd2f2d8c
b3a0a82c0ad6b940dd4f04c2536afafaf606c8c9
bd93716b19b202c539de7574e070cc724df3a945536b1b4a8c8654b85a2f56a6

HTTP Headers

GET /prod/landings/assets/layout28/layout28/js/scripts.js HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=279
etag: W/"64621759-117"
last-modified: Mon, 15 May 2023 11:28:25 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smJxZvo7NsFgJ%2FPljGCK8oRjTEviyI70GyyI%2FkBUe0sc7c%2BU8f8WYx5Ujf8s3o%2BxwPCazXkANkDrvkzT95OjdZjVaMzMGOwpDh53cFZRULIsoBLuBtHZH9Oasx4YP1QTa4LMYjmdVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234beae8b518-OSL
content-encoding: br
X-Firefox-Spdy: h2

get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=

188.114.96.1

200 OK

68 kB

URL User Request GET HTTP/2
get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectget-booksnow.com
FingerprintD3:F2:00:5F:1A:56:F7:60:DA:74:17:49:41:5B:22:78:76:23:1D:9C
ValidityMon, 22 May 2023 08:55:00 GMT - Sun, 20 Aug 2023 08:54:59 GMT

File type

Size
68 kB (68291 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream= HTTP/1.1
Host: get-booksnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
set-cookie: product=0e3982bd1559d08e8610f056adf761fde2bcc64dca58a4af5e6a8c0c5056df52a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22product%22%3Bi%3A1%3Ba%3A1%3A%7Bs%3A9%3A%22productId%22%3Bi%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
visitInfo::6591=ddc6fce2ddf343d2afc57c259e7d8bc9d099afbb879c4a26c80518ab24136ce5a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A6591%22%3Bi%3A1%3Ba%3A4%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22ebd780b4e8862e2b6d75a201465f156b%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2281c67238%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b320c891-9a0f-48c3-a993-01abebb8790f%22%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVnnRKN5%2B2ATgm6gRLA%2BI%2Bwn2Lb8WxLKbnFO9THyez7EZRBeAI%2FvrCMd%2BNif1lsrRTK1tegaRQttUsXM533rkwrJjoMp0cP4Pjy0NUOtIBUkHF6sOmwkrdygY1GHy7OaBLxJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce723496ceefac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js

104.26.9.128

200 OK

48 kB

URL GET HTTP/2
cdn.content-loads.com/prod/landings/assets/common/common/dist/bundle.js
IP
104.26.9.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint46:D1:50:92:C0:52:B8:1F:56:0C:99:FD:C1:D2:52:6C:44:AC:E4:5D
ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (47555), with no line terminators
Size
48 kB (47555 bytes)
Hash
98a573651d8ed656278bde024edae5ed
7ab07f7e47391a544ba4e272e2f867f8fd23bdae
281dcbb9b8bacb9502b78fa3dc69b7e1282757b645d495a5ebc09ccf8e2611d0

HTTP Headers

GET /prod/landings/assets/common/common/dist/bundle.js HTTP/1.1
Host: cdn.content-loads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-booksnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 May 2023 14:20:21 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
etag: W/"6470c5c6-b9c3"
last-modified: Fri, 26 May 2023 14:44:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6274
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3hDsx0xmQ6V1b9XqOT8SlLuZDRZpGky0vNpkPFwUT6%2BpW2swYVh2DVhJpDy%2BgcRmZpOHZ9GliRGw%2F6NM4vGHbLz5qqMm7iRsqZJcP8kZD70qBDDalCHdZIr20MXgWEo%2BF9TrZTxIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7234bdadbb518-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.106

200 OK

8.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://get-booksnow.com/nb_no/unlock-content-now?subid=b320c891-9a0f-48c3-a993-01abebb8790f&networkid=200347&publisher=81c67238&isNewTr=1&stream=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (8716), with no line terminators
Size
8.5 kB (8492 bytes)
Hash
1303310bf811cbabe52e473a56247b05
76a5d89fcefb4e769642a6636f439f3f03833429
ccc9d8c0b923b1470e8ddb0309ed98c9419fd7abb32ead3c0dcebbc30ea84778

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.content-loads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 May 2023 14:20:22 GMT
date: Sun, 28 May 2023 14:20:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML