Report - acesecureshop.com/img-files/wav.exe?e

Report Overview

Visited public
2024-03-10 10:40:26
Tags
URL
acesecureshop.com/img-files/wav.exe?e
Finishing URL
ww1.acesecureshop.com/
IP / ASN
212.32.237.101
#60781 LeaseWeb Netherlands B.V.
Title
Acesecureshop.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
acesecureshop.com	unknown	2023-10-23	2014-01-16 19:29:17	2024-03-09 17:32:04	1.2 kB	1.3 kB	212.32.237.101
ww1.acesecureshop.com	unknown	2023-10-23	2023-10-29 14:38:30	2024-02-29 03:28:45	1.4 kB	38 kB	199.59.243.225
parking.bodiscdn.com	43768	2021-07-26	2021-08-15 16:11:49	2024-03-09 05:10:37	1.3 kB	1.0 MB	104.22.41.120
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2024-03-08 10:58:00	416 B	54 kB	142.250.74.132
www.adsensecustomsearchads.com	unknown	2011-01-28	2015-09-02 02:57:40	2024-03-09 18:17:38	524 B	681 B	216.58.211.14
us-central1-adzapier-us.cloudfunctions.net	unknown	2015-12-03	2021-09-23 14:17:28	2024-03-09 05:10:38	463 B	500 B	216.239.36.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-10	medium	acesecureshop.com	Sinkholed
2024-03-10	medium	acesecureshop.com	Sinkholed
2024-03-10	medium	acesecureshop.com	Sinkholed
2024-03-10	medium	acesecureshop.com	Sinkholed
2024-03-10	medium	acesecureshop.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	www.google.com/adsense/domains/caf.js	ScriptElement	144 kB	2024-02-29	2024-08-20
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-29 21:04 Last Seen2024-08-20 08:35 Times Seen381 Hash 51d44b7fb9798d7deaff6625b82ce80f e06ee611f67339926c921bfb3b874b8db0385c29 7d061db3f965a9f55a41cdf36470b36501e293122145237f6e159dc29680c1e2 Loading...

	ww1.acesecureshop.com/	ScriptElement	367 B	2024-08-20	2024-08-20
Pretty URL ww1.acesecureshop.com/ IP 199.59.243.225 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 08:02 Last Seen2024-08-20 08:02 Times Seen1 Hash 70a031bd9b785b67d99b066d7e907877 6e5b07922c5a3805b47788857890a93eef7b6957 f94e1ff89027875b567d7985022f282b6c3d752e523996719b107da376a9f596 Loading...

	ww1.acesecureshop.com/byvVSUOpm.js	ScriptElement	33 kB	2024-03-07	2024-08-20
Pretty URL ww1.acesecureshop.com/byvVSUOpm.js IP 199.59.243.225 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-07 19:42 Last Seen2024-08-20 08:11 Times Seen344 Hash e4e6d0b84ba6d1d021052eea6e166f76 0f3f720f0c3f63f798530d6163ccc1498a1f5a5f 85cb962521f7df02b28d4274e550c92f0ec13ca2fbf5623c24660979ec47e9ee Loading...

	parking.bodiscdn.com/cmp/cmp1.js	ScriptElement	26 kB	2024-02-06	2024-08-20
Pretty URL parking.bodiscdn.com/cmp/cmp1.js IP 104.22.41.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 21:53 Last Seen2024-08-20 10:07 Times Seen404 Hash 6f36558e242ec4207622dec75869137a 8a243c049b27c527a26072259ad928cb11562426 45af9520964c6774f0061f72b70f0b0d67180416fb6c1483b2357468cca8cd75 Loading...

	parking.bodiscdn.com/cmp/cookie-consent.js	ScriptElement	896 kB	2024-03-07	2024-08-20
Pretty URL parking.bodiscdn.com/cmp/cookie-consent.js IP 104.22.41.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-07 19:42 Last Seen2024-08-20 08:11 Times Seen344 Hash 69a9b0fb4e2d843d53e4da1409cda306 03c1c3487000513a05344645c6b3af60eead96ba cb2666b88c02977b9c05064d6f4bf17a45b05aade77223b9675a718c96ee40dd Loading...

HTTP Transactions (11)

URL IP Response Size

acesecureshop.com/img-files/wav.exe?e

212.32.237.101

498 B

URL
acesecureshop.com/img-files/wav.exe?e
IP
212.32.237.101:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document, ASCII text, with very long lines (498), with no line terminators
Size
498 B (498 bytes)
Hash
384e43b618cc4522061cdeb4274d9fca
ae85a72e74f16378d0313d7a6d7495daaf7cc0d8
c47e0c50ab6b48d8e855d834e00d8a1c1eddbce398cc7a50944af302c8dec863

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img-files/wav.exe?e HTTP/1.1
Host: acesecureshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 498
content-type: text/html; charset=utf-8
date: Sun, 10 Mar 2024 10:39:59 GMT
server: nginx
set-cookie: sid=8ba6db37-deca-11ee-ae66-e01f98514aa0; path=/; domain=.acesecureshop.com; expires=Fri, 28 Mar 2092 13:54:07 GMT; max-age=2147483647; HttpOnly

acesecureshop.com/img-files/wav.exe?ch=1&e=&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMDA3NDQwMCwiaWF0IjoxNzEwMDY3MjAwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXRtMjNuZXBkZGljaThpMmczZWdsc2QiLCJuYmYiOjE3MTAwNjcyMDAsInRzIjoxNzEwMDY3MjAwMjgwOTAwfQ.kZqjh8cGVCyENEG6rOHETCTbGvOTrhjyiZ9OevIowi4&sid=8ba6db37-deca-11ee-ae66-e01f98514aa0

212.32.237.101

302 Found

11 B

URL User Request GET HTTP/1.1
acesecureshop.com/img-files/wav.exe?ch=1&e=&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMDA3NDQwMCwiaWF0IjoxNzEwMDY3MjAwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXRtMjNuZXBkZGljaThpMmczZWdsc2QiLCJuYmYiOjE3MTAwNjcyMDAsInRzIjoxNzEwMDY3MjAwMjgwOTAwfQ.kZqjh8cGVCyENEG6rOHETCTbGvOTrhjyiZ9OevIowi4&sid=8ba6db37-deca-11ee-ae66-e01f98514aa0
IP
212.32.237.101:80
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img-files/wav.exe?ch=1&e=&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMDA3NDQwMCwiaWF0IjoxNzEwMDY3MjAwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXRtMjNuZXBkZGljaThpMmczZWdsc2QiLCJuYmYiOjE3MTAwNjcyMDAsInRzIjoxNzEwMDY3MjAwMjgwOTAwfQ.kZqjh8cGVCyENEG6rOHETCTbGvOTrhjyiZ9OevIowi4&sid=8ba6db37-deca-11ee-ae66-e01f98514aa0 HTTP/1.1
Host: acesecureshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acesecureshop.com/img-files/wav.exe?e
DNT: 1
Connection: keep-alive
Cookie: sid=8ba6db37-deca-11ee-ae66-e01f98514aa0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 10 Mar 2024 10:40:00 GMT
location: http://ww1.acesecureshop.com
server: nginx
set-cookie: sid=8ba6db37-deca-11ee-ae66-e01f98514aa0; path=/; domain=.acesecureshop.com; expires=Fri, 28 Mar 2092 13:54:07 GMT; max-age=2147483647; HttpOnly

ww1.acesecureshop.com/

199.59.243.225

1.1 kB

URL User Request GET
ww1.acesecureshop.com/
IP
199.59.243.225:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (382)
Size
1.1 kB (1114 bytes)
Hash
420cdc8f25f6e089ef153ad046fc1e41
5e37d359dc6472aa57e5e16da388feed6ce7ef60
9de47b8539a7f6706eae362e6fa500703f0253cbb8c3c9093ca7cafc6ca3ee2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ww1.acesecureshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acesecureshop.com/
DNT: 1
Connection: keep-alive
Cookie: sid=8ba6db37-deca-11ee-ae66-e01f98514aa0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Sun, 10 Mar 2024 10:40:00 GMT
content-type: text/html; charset=utf-8
content-length: 1114
x-request-id: 2021a0b8-a214-4f7d-8b30-bd79104ea2f1
cache-control: no-store, max-age=0
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_oXvO0p+lxwig+7l7eHbaJ0pERiBpABUCz/1p8ag+Oahd4VjkxzoU6QP2+uk1ffoGplTmog9vn3vImc6CsN5bfg==
set-cookie: parking_session=2021a0b8-a214-4f7d-8b30-bd79104ea2f1; expires=Sun, 10 Mar 2024 10:55:01 GMT; path=/

ww1.acesecureshop.com/byvVSUOpm.js

199.59.243.225

200 OK

33 kB

URL GET HTTP/1.1
ww1.acesecureshop.com/byvVSUOpm.js
IP
199.59.243.225:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.acesecureshop.com/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33177)
Size
33 kB (33180 bytes)
Hash
e4e6d0b84ba6d1d021052eea6e166f76
0f3f720f0c3f63f798530d6163ccc1498a1f5a5f
85cb962521f7df02b28d4274e550c92f0ec13ca2fbf5623c24660979ec47e9ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /byvVSUOpm.js HTTP/1.1
Host: ww1.acesecureshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.acesecureshop.com/
Cookie: sid=8ba6db37-deca-11ee-ae66-e01f98514aa0; parking_session=2021a0b8-a214-4f7d-8b30-bd79104ea2f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Sun, 10 Mar 2024 10:40:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 33180
x-request-id: 940ed2aa-1f1c-48bf-b65a-4576d6911c67
set-cookie: parking_session=2021a0b8-a214-4f7d-8b30-bd79104ea2f1; expires=Sun, 10 Mar 2024 10:55:01 GMT

ww1.acesecureshop.com/_fd

199.59.243.225

200 OK

2.1 kB

URL POST HTTP/1.1
ww1.acesecureshop.com/_fd
IP
199.59.243.225:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.acesecureshop.com/

File type
ASCII text, with very long lines (4061), with no line terminators
Size
2.1 kB (2073 bytes)
Hash
06977e1c285893cb51c543c4d7df821b
c0294a9644d20b7ecf53fed05c764d1240bf76cc
ed363e8723128f3df4cef5ec51ba7ff169829fcece3d25e55e3fd7c41631520d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_fd HTTP/1.1
Host: ww1.acesecureshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.acesecureshop.com/
Content-Type: application/json
Origin: http://ww1.acesecureshop.com
DNT: 1
Connection: keep-alive
Cookie: sid=8ba6db37-deca-11ee-ae66-e01f98514aa0; parking_session=2021a0b8-a214-4f7d-8b30-bd79104ea2f1
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
server: openresty
date: Sun, 10 Mar 2024 10:40:00 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 2073
x-version: 2.115.2
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=2021a0b8-a214-4f7d-8b30-bd79104ea2f1; expires=Sun, 10 Mar 2024 10:55:01 GMT; Max-Age=900; path=/; httponly

parking.bodiscdn.com/cmp/cookie-consent.css

104.22.41.120

200 OK

9.0 kB

URL GET HTTP/2
parking.bodiscdn.com/cmp/cookie-consent.css
IP
104.22.41.120:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ww1.acesecureshop.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7D:33:B8:7D:6E:12:06:C8:AC:51:FA:DD:32:46:4F:F1:D5:AC:F6:F4
ValidityThu, 25 May 2023 00:00:00 GMT - Fri, 24 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
9.0 kB (8998 bytes)
Hash
e92d84f9c9654b841b4bcaf167d33bfe
81a97278ae1ac00230f27fec617732764ba92029
eb447840cc4d58fae9e3988d29aff084967e1415d1563234489f25d3d03888e5

HTTP Headers

GET /cmp/cookie-consent.css HTTP/1.1
Host: parking.bodiscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.acesecureshop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Mar 2024 10:40:01 GMT
content-type: text/css
x-amz-id-2: 6p0cjIv5K3pb3Sji8RO738DTzD4WkgFIeWRST9RyR0KbzrekljsWYFCJBZBAgXR29EhXC9Vm+WI=
x-amz-request-id: AMEN7A88YHQ4FFXT
last-modified: Mon, 29 Jan 2024 20:22:40 GMT
etag: W/"e92d84f9c9654b841b4bcaf167d33bfe"
x-amz-server-side-encryption: AES256
cache-control: max-age=14400
cf-cache-status: HIT
age: 3251
vary: Accept-Encoding
server: cloudflare
cf-ray: 8622af2b0f3d92dc-CPH
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js

142.250.74.132

200 OK

53 kB

URL GET HTTP/2
www.google.com/adsense/domains/caf.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
http://ww1.acesecureshop.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint8E:AB:CA:05:82:01:0A:64:AD:90:F4:20:F3:F0:DD:E7:06:7B:BD:E3
ValidityMon, 19 Feb 2024 08:19:14 GMT - Mon, 13 May 2024 08:19:13 GMT

File type
gzip compressed data, max compression
Size
53 kB (52915 bytes)
Hash
2b183da60a0d6cdce8e6a5c13deed99f
3ea64321356acc94ef8a5709138db1df66e52abc
9cddcc928d71c4933d4129e027363e2ea5a74424e9a03836e14e853c2793cce4

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.acesecureshop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sun, 10 Mar 2024 10:40:02 GMT
expires: Sun, 10 Mar 2024 10:40:02 GMT
cache-control: private, max-age=3600
etag: "11007164386035630606"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=kvlzyopxfgf9&pbt=rd&ivt=true&dA=true

216.58.211.14

204 No Content

0 B

URL GET HTTP/2
www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=kvlzyopxfgf9&pbt=rd&ivt=true&dA=true
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
http://ww1.acesecureshop.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintD1:F4:F3:40:14:91:35:C9:74:80:B1:79:91:E4:2B:20:61:3B:40:92
ValidityMon, 19 Feb 2024 08:06:33 GMT - Mon, 13 May 2024 08:06:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=kvlzyopxfgf9&pbt=rd&ivt=true&dA=true HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.acesecureshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-BX_RCAFn5HNaakJpRo6iiw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Sun, 10 Mar 2024 10:40:02 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

parking.bodiscdn.com/cmp/cmp1.js

104.22.41.120

200 OK

109 kB

URL GET HTTP/2
parking.bodiscdn.com/cmp/cmp1.js
IP
104.22.41.120:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ww1.acesecureshop.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7D:33:B8:7D:6E:12:06:C8:AC:51:FA:DD:32:46:4F:F1:D5:AC:F6:F4
ValidityThu, 25 May 2023 00:00:00 GMT - Fri, 24 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (996)
Size
109 kB (108625 bytes)
Hash
6f36558e242ec4207622dec75869137a
8a243c049b27c527a26072259ad928cb11562426
45af9520964c6774f0061f72b70f0b0d67180416fb6c1483b2357468cca8cd75

HTTP Headers

GET /cmp/cmp1.js HTTP/1.1
Host: parking.bodiscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.acesecureshop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Mar 2024 10:40:01 GMT
content-type: application/javascript
x-amz-id-2: Tj8WXvnZ3Ap1sH6sgbLC57nnFnZjf6vYgt5yBBL54tD6rXwqMTrG2KwhBIjSOIBE1uEdkCmB7V8=
x-amz-request-id: 7FZMWYJMQS2SS9N0
last-modified: Tue, 06 Feb 2024 20:29:09 GMT
etag: W/"6f36558e242ec4207622dec75869137a"
x-amz-server-side-encryption: AES256
cache-control: max-age=14400
cf-cache-status: HIT
age: 3293
vary: Accept-Encoding
server: cloudflare
cf-ray: 8622af29bd7f92dc-CPH
content-encoding: br
X-Firefox-Spdy: h2

parking.bodiscdn.com/cmp/cookie-consent.js

104.22.41.120

200 OK

896 kB

URL GET HTTP/2
parking.bodiscdn.com/cmp/cookie-consent.js
IP
104.22.41.120:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ww1.acesecureshop.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7D:33:B8:7D:6E:12:06:C8:AC:51:FA:DD:32:46:4F:F1:D5:AC:F6:F4
ValidityThu, 25 May 2023 00:00:00 GMT - Fri, 24 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
896 kB (896476 bytes)
Hash
69a9b0fb4e2d843d53e4da1409cda306
03c1c3487000513a05344645c6b3af60eead96ba
cb2666b88c02977b9c05064d6f4bf17a45b05aade77223b9675a718c96ee40dd

HTTP Headers

GET /cmp/cookie-consent.js HTTP/1.1
Host: parking.bodiscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.acesecureshop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Mar 2024 10:40:01 GMT
content-type: application/javascript
x-amz-id-2: md1QIMDCwatFQrZG6p3X9vDgov1eBA9LB8GnaHPkV3VWgD4zzVHa+AJXjuGZZ0dFIxLHRLTNScM=
x-amz-request-id: J31FJMQRTXHAW57Q
last-modified: Thu, 07 Mar 2024 15:46:41 GMT
etag: W/"69a9b0fb4e2d843d53e4da1409cda306"
x-amz-server-side-encryption: AES256
cache-control: max-age=14400
cf-cache-status: HIT
age: 3293
vary: Accept-Encoding
server: cloudflare
cf-ray: 8622af2a6e7e92dc-CPH
content-encoding: br
X-Firefox-Spdy: h2

us-central1-adzapier-us.cloudfunctions.net/geoip

216.239.36.54

200 OK

117 B

URL GET HTTP/2
us-central1-adzapier-us.cloudfunctions.net/geoip
IP
216.239.36.54:443
ASN
#15169 GOOGLE

Requested by
http://ww1.acesecureshop.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
Fingerprint77:95:B1:74:E1:49:71:F7:60:A9:EA:73:C1:11:5D:3C:D3:27:2F:19
ValidityMon, 19 Feb 2024 08:06:33 GMT - Mon, 13 May 2024 08:06:32 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
e785d28344c6ef09b9baa8559524cfbc
112b2a112a3183b58241473b7623f458db71aa70
b131d8c133fb434dc42dbfd131354daa3683d07115d1fbd9e58b83c249f49b22

HTTP Headers

GET /geoip HTTP/1.1
Host: us-central1-adzapier-us.cloudfunctions.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.acesecureshop.com/
Origin: http://ww1.acesecureshop.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
content-type: application/json
function-execution-id: 6xb89j2w17xz
x-cloud-trace-context: 9d41c15583b6b504ec80f1a872d9d727
content-encoding: gzip
date: Sun, 10 Mar 2024 10:40:01 GMT
server: Google Frontend
cache-control: private
content-length: 123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash