urlscan.io logo urlscan.io
SecurityTrails logo

ww38.wsalgreensusa.com Open in urlscan Pro
185.53.179.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://discord.sarrp.net/
Effective URL: http://ww38.wsalgreensusa.com/
Submission Tags: phishingrod
Submission: On July 12 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 9 HTTP transactions. The main IP is 185.53.179.29, located in Germany and belongs to TEAMINTERNET-AS, DE. The main domain is ww38.wsalgreensusa.com.
This is the only time ww38.wsalgreensusa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.232.25.148 63949 (AKAMAI-LI...)
2 69.16.230.228 32244 (LIQUIDWEB)
1 1 139.177.202.97 63949 (AKAMAI-LI...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 44.236.11.165 16509 (AMAZON-02)
1 1 103.224.182.241 133618 (TRELLIAN-...)
2 185.53.179.29 61969 (TEAMINTER...)
1 2600:9000:244... 16509 (AMAZON-02)
9 5
1    172.232.25.148 (Chicago, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-232-25-148.ip.linodeusercontent.com
discord.sarrp.net
2    69.16.230.228 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb05.parklogic.com
ww99.sarrp.net
1    139.177.202.97 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-177-202-97.ip.linodeusercontent.com
264.modelomy.xyz
1    2606:4700:3033::6815:3ae4 (United States)

ASN13335 (CLOUDFLARENET, US)
trackme.wdk18.com
3    44.236.11.165 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-11-165.us-west-2.compute.amazonaws.com
www.clkmg.com
1    103.224.182.241 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com
wsalgreensusa.com
2    185.53.179.29 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
ww38.wsalgreensusa.com
1    2600:9000:244d:c800:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
Apex Domain
Subdomains		 Transfer
3 wsalgreensusa.com
wsalgreensusa.com
ww38.wsalgreensusa.com
8 KB
3 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 401395
3 KB
3 sarrp.net
discord.sarrp.net
ww99.sarrp.net
4 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
12 KB
1 wdk18.com
trackme.wdk18.com
751 B
1 modelomy.xyz
264.modelomy.xyz
188 B
0 google.com Failed
www.google.com — Cisco Umbrella Rank: 5 Failed
9 7
Domain Requested by
3 www.clkmg.com 1 redirects ww99.sarrp.net
2 ww38.wsalgreensusa.com ww38.wsalgreensusa.com
2 ww99.sarrp.net ww99.sarrp.net
1 d38psrni17bvxu.cloudfront.net ww38.wsalgreensusa.com
1 wsalgreensusa.com 1 redirects
1 trackme.wdk18.com 1 redirects
1 264.modelomy.xyz 1 redirects
1 discord.sarrp.net 1 redirects
0 www.google.com Failed ww38.wsalgreensusa.com
9 9

This site contains links to these domains. Also see Links.

Domain
www.mydomaincontact.com
Subject Issuer Validity Valid
pltraffic.com
pltraffic.com		 2022-02-16 -
2032-02-16		 10 years crt.sh
*.clkmg.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-02-28 -
2025-03-31		 a year crt.sh

This page contains 1 frames:

Primary Page: http://ww38.wsalgreensusa.com/
Frame ID: 6D61476D0377BB53750DA41533707132
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

wsalgreensusa.com

Page URL History Show full URLs

  1. https://discord.sarrp.net/ HTTP 302
    http://ww99.sarrp.net/ HTTP 307
    https://ww99.sarrp.net/ Page URL
  2. https://ww99.sarrp.net/page/bouncy.php?&bpae=GbhGtDkb%2FUx%2FttthqW1dTd3nRJfnxVpf7wJbpQ8saycGABmIfw... Page URL
  3. http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5... HTTP 307
    https://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5... HTTP 307
    http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5... HTTP 302
    https://trackme.wdk18.com/overnightprints/apix34-sarrp.net HTTP 302
    https://www.clkmg.com/qvikar/overnightprints/apix34-sarrp.net HTTP 302
    https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1... Page URL
  4. http://wsalgreensusa.com/ HTTP 307
    https://wsalgreensusa.com/ HTTP 302
    http://ww38.wsalgreensusa.com/ HTTP 307
    https://ww38.wsalgreensusa.com/ HTTP 307
    http://ww38.wsalgreensusa.com/ Page URL

Page Statistics

9
Requests

22 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

5
IPs

3
Countries

24 kB
Transfer

30 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://discord.sarrp.net/ HTTP 302
    http://ww99.sarrp.net/ HTTP 307
    https://ww99.sarrp.net/ Page URL
  2. https://ww99.sarrp.net/page/bouncy.php?&bpae=GbhGtDkb%2FUx%2FttthqW1dTd3nRJfnxVpf7wJbpQ8saycGABmIfwsD3MeOJWTUE8YaUulbb09T%2F3H8kn9NZJjk%2FF9WdHwWlzaVnmdNYc8wodBhLmRnLCalVf5PcDrBbq5ofYHVWQPhfH%2FuNuRfHZ4FAk8Cq%2BjdDQkIlifrBRJ2N3C3ztcZEbFXc0MzQtTYgE9t8yo2jumFdOdu5s7irFtgCfexbvhFdrBHdq0wcMJXu53C3067ndxUNwga356IADoxdVzbxJ3ch%2Bm1wiVUbScpHehvLtFeFMQpGFOKKJixGzoL6m1v%2F9ykJsrYtciWkmGeLSNCZdLPyOjogDh7AMRmgqbs5RMwYHxhz%2B5AeYPlv16m8LP9J52KwIGO%2FZ5OV%2BBN3vbvVCmtzwlOosPWvNsi4g04ZoYBFfok4L9HQaFReW3szSdbXHIO3XJckk4aH6oSoxwZ0l8Gjn9b0OOL7uk2kihziBz47DkXARChpQJ1uhGDkFjQrImS11wWDXXL3O3S9L84hFfpsR60twPNVk8yUe34Qj%2FUHBwMaQbtK0MknN4uJ6%2FWiA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg== HTTP 307
    https://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg== HTTP 307
    http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg== HTTP 302
    https://trackme.wdk18.com/overnightprints/apix34-sarrp.net HTTP 302
    https://www.clkmg.com/qvikar/overnightprints/apix34-sarrp.net HTTP 302
    https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1XrJ%2fm%2bvTGxXXzLqY13&pixel=0&lidc=1665510284 Page URL
  4. http://wsalgreensusa.com/ HTTP 307
    https://wsalgreensusa.com/ HTTP 302
    http://ww38.wsalgreensusa.com/ HTTP 307
    https://ww38.wsalgreensusa.com/ HTTP 307
    http://ww38.wsalgreensusa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://discord.sarrp.net/ HTTP 302
  • http://ww99.sarrp.net/ HTTP 307
  • https://ww99.sarrp.net/
Request Chain 2
  • http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg== HTTP 307
  • https://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg== HTTP 307
  • http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg== HTTP 302
  • https://trackme.wdk18.com/overnightprints/apix34-sarrp.net HTTP 302
  • https://www.clkmg.com/qvikar/overnightprints/apix34-sarrp.net HTTP 302
  • https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1XrJ%2fm%2bvTGxXXzLqY13&pixel=0&lidc=1665510284
Request Chain 7
  • http://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true HTTP 307
  • https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ww99.sarrp.net/
Redirect Chain
  • https://discord.sarrp.net/
  • http://ww99.sarrp.net/
  • https://ww99.sarrp.net/
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww99.sarrp.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-length
2428
content-type
text/html; charset=UTF-8
date
Fri, 12 Jul 2024 09:05:26 GMT
pragma
no-cache
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
x-powered-by
PHP/5.4.16

Redirect headers

Location
https://ww99.sarrp.net/
Non-Authoritative-Reason
HttpsUpgrades
bouncy.php
ww99.sarrp.net/page/ 		1021 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww99.sarrp.net/page/bouncy.php?&bpae=GbhGtDkb%2FUx%2FttthqW1dTd3nRJfnxVpf7wJbpQ8saycGABmIfwsD3MeOJWTUE8YaUulbb09T%2F3H8kn9NZJjk%2FF9WdHwWlzaVnmdNYc8wodBhLmRnLCalVf5PcDrBbq5ofYHVWQPhfH%2FuNuRfHZ4FAk8Cq%2BjdDQkIlifrBRJ2N3C3ztcZEbFXc0MzQtTYgE9t8yo2jumFdOdu5s7irFtgCfexbvhFdrBHdq0wcMJXu53C3067ndxUNwga356IADoxdVzbxJ3ch%2Bm1wiVUbScpHehvLtFeFMQpGFOKKJixGzoL6m1v%2F9ykJsrYtciWkmGeLSNCZdLPyOjogDh7AMRmgqbs5RMwYHxhz%2B5AeYPlv16m8LP9J52KwIGO%2FZ5OV%2BBN3vbvVCmtzwlOosPWvNsi4g04ZoYBFfok4L9HQaFReW3szSdbXHIO3XJckk4aH6oSoxwZ0l8Gjn9b0OOL7uk2kihziBz47DkXARChpQJ1uhGDkFjQrImS11wWDXXL3O3S9L84hFfpsR60twPNVk8yUe34Qj%2FUHBwMaQbtK0MknN4uJ6%2FWiA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: ww99.sarrp.net
URL: https://ww99.sarrp.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash
873decea14cc4541a6780cc2d8953685e78930e67b4e1296f2e99f7b54476cbc

Request headers

Referer
https://ww99.sarrp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-length
1021
content-type
text/html; charset=UTF-8
date
Fri, 12 Jul 2024 09:05:27 GMT
pragma
no-cache
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
x-powered-by
PHP/5.4.16
redir.cgi
www.clkmg.com/
Redirect Chain
  • http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg==
  • https://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg==
  • http://264.modelomy.xyz/match-264/86809/226912147/1720775127/mf_8b91523d-32f0-4143-b360-56a2118809e5/YXBpeDM0LXNhcnJwLm5ldHxHWFlQNkhKSFhRM1IzSUo3MVVaRFNNRkF8MTY0Mg==
  • https://trackme.wdk18.com/overnightprints/apix34-sarrp.net
  • https://www.clkmg.com/qvikar/overnightprints/apix34-sarrp.net
  • https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1XrJ%2fm%2bvTGxXXzLqY13&pixel=0&lidc=1665510284
116 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1XrJ%2fm%2bvTGxXXzLqY13&pixel=0&lidc=1665510284
Requested by
Host: ww99.sarrp.net
URL: https://ww99.sarrp.net/page/bouncy.php?&bpae=GbhGtDkb%2FUx%2FttthqW1dTd3nRJfnxVpf7wJbpQ8saycGABmIfwsD3MeOJWTUE8YaUulbb09T%2F3H8kn9NZJjk%2FF9WdHwWlzaVnmdNYc8wodBhLmRnLCalVf5PcDrBbq5ofYHVWQPhfH%2FuNuRfHZ4FAk8Cq%2BjdDQkIlifrBRJ2N3C3ztcZEbFXc0MzQtTYgE9t8yo2jumFdOdu5s7irFtgCfexbvhFdrBHdq0wcMJXu53C3067ndxUNwga356IADoxdVzbxJ3ch%2Bm1wiVUbScpHehvLtFeFMQpGFOKKJixGzoL6m1v%2F9ykJsrYtciWkmGeLSNCZdLPyOjogDh7AMRmgqbs5RMwYHxhz%2B5AeYPlv16m8LP9J52KwIGO%2FZ5OV%2BBN3vbvVCmtzwlOosPWvNsi4g04ZoYBFfok4L9HQaFReW3szSdbXHIO3XJckk4aH6oSoxwZ0l8Gjn9b0OOL7uk2kihziBz47DkXARChpQJ1uhGDkFjQrImS11wWDXXL3O3S9L84hFfpsR60twPNVk8yUe34Qj%2FUHBwMaQbtK0MknN4uJ6%2FWiA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.11.165 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-11-165.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b72cb9d09c97b892a58dca8c3c403aa660f806ec0f9c4084a60ffea1639de653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ww99.sarrp.net/page/bouncy.php?&bpae=GbhGtDkb%2FUx%2FttthqW1dTd3nRJfnxVpf7wJbpQ8saycGABmIfwsD3MeOJWTUE8YaUulbb09T%2F3H8kn9NZJjk%2FF9WdHwWlzaVnmdNYc8wodBhLmRnLCalVf5PcDrBbq5ofYHVWQPhfH%2FuNuRfHZ4FAk8Cq%2BjdDQkIlifrBRJ2N3C3ztcZEbFXc0MzQtTYgE9t8yo2jumFdOdu5s7irFtgCfexbvhFdrBHdq0wcMJXu53C3067ndxUNwga356IADoxdVzbxJ3ch%2Bm1wiVUbScpHehvLtFeFMQpGFOKKJixGzoL6m1v%2F9ykJsrYtciWkmGeLSNCZdLPyOjogDh7AMRmgqbs5RMwYHxhz%2B5AeYPlv16m8LP9J52KwIGO%2FZ5OV%2BBN3vbvVCmtzwlOosPWvNsi4g04ZoYBFfok4L9HQaFReW3szSdbXHIO3XJckk4aH6oSoxwZ0l8Gjn9b0OOL7uk2kihziBz47DkXARChpQJ1uhGDkFjQrImS11wWDXXL3O3S9L84hFfpsR60twPNVk8yUe34Qj%2FUHBwMaQbtK0MknN4uJ6%2FWiA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Length
116
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jul 2024 09:05:31 GMT
P3P
CP="This is not a P3P policy! See http://www.clkmg.com for more info."
Server
nginx
X-CM-FE
httpfe-2
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Length
336
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 12 Jul 2024 09:05:31 GMT
Location
https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1XrJ%2fm%2bvTGxXXzLqY13&pixel=0&lidc=1665510284
P3P
CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server
nginx
X-CM-FE
httpfe-1
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
Primary Request /
ww38.wsalgreensusa.com/
Redirect Chain
  • http://wsalgreensusa.com/
  • https://wsalgreensusa.com/
  • http://ww38.wsalgreensusa.com/
  • https://ww38.wsalgreensusa.com/
  • http://ww38.wsalgreensusa.com/
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww38.wsalgreensusa.com/
Protocol
HTTP/1.1
Server
185.53.179.29 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
badcd329c41c809f74ccc86f880696cf577c5b4b2ea816e5e93c9e6bb9ae326e

Request headers

Referer
https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1XrJ%2fm%2bvTGxXXzLqY13&pixel=0&lidc=1665510284
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jul 2024 09:05:34 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_umsGI+JApGGb4b0dD80KSf8Ts/8wU5wtdGXv+3BkWQ5GuQmN3F0sSD+xVzDWcV39GABt9A4EWQczWcuu0TZvCA==
X-Buckets
bucket011
X-Domain
wsalgreensusa.com
X-Language
english
X-Subdomain
ww38
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

Location
http://ww38.wsalgreensusa.com/
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
www.clkmg.com/ 		78 B
776 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.clkmg.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.11.165 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-11-165.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.clkmg.com/redir.cgi?url=A1rqdDJRUiu5Nc8NUoLmbLKQBFdvoObIRk6RyP702xvW8XX2lzLt3Cv49FbuA1XrJ%2fm%2bvTGxXXzLqY13&pixel=0&lidc=1665510284
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:05:31 GMT
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
78
Pragma
public
Last-Modified
Tue, 09 Jan 2024 19:59:58 GMT
Server
nginx
ETag
"659da5be-4e"
Access-Control-Max-Age
300
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
undefined-origin
Cache-Control
max-age=2592000, public, no-transform
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sun, 11 Aug 2024 09:05:31 GMT
track.php
ww38.wsalgreensusa.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww38.wsalgreensusa.com/track.php?domain=wsalgreensusa.com&toggle=browserjs&uid=MTcyMDc3NTEzNC42Nzg3OmYwZTViZDM4NTg4M2JlMzcxYzFlNjg1NTk2ZmFiYmRlNWVjMjY2YmZkNmU1OGExYjFiNWVlMjZkMTVhODdjY2M6NjY5MGYxZGVhNWIzMA%3D%3D
Requested by
Host: ww38.wsalgreensusa.com
URL: http://ww38.wsalgreensusa.com/
Protocol
HTTP/1.1
Server
185.53.179.29 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ww38.wsalgreensusa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:05:35 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by
Host: ww38.wsalgreensusa.com
URL: http://ww38.wsalgreensusa.com/
Protocol
HTTP/1.1
Server
2600:9000:244d:c800:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

Referer
http://ww38.wsalgreensusa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 20:00:28 GMT
Via
1.1 3a60765023a93f6346539d2ca40f0b12.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 Mar 2024 11:48:11 GMT
Server
nginx
X-Amz-Cf-Pop
IAD61-P2
Age
47107
ETag
"65fc1e7b-2c6f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11375
X-Amz-Cf-Id
geUMjHBn9logVHEDucku672_EBnx5xuP0LYYBshVbJfE4rSde-WmUA==
ls.php
ww38.wsalgreensusa.com/ 		0
0
caf.js
www.google.com/adsense/domains/
Redirect Chain
  • http://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
  • https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ww38.wsalgreensusa.com
URL
http://ww38.wsalgreensusa.com/ls.php?t=6690f1de&token=ccdf6fe6bfbbabf34be3328fde57bdd4a067cf88
Domain
www.google.com
URL
https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tcblock object| searchboxBlock object| containerNames string| uniqueTrackingID string| themedata string| domain string| adtest object| pageOptions function| x function| getXMLhttp function| ajaxQuery function| ajaxBackfill function| loadFeed function| relatedCallback function| relatedFallback object| xmlHttp function| ls function| getLoadFeedArguments

4 Cookies

Domain/Path Name / Value
.clkmg.com/ Name: alc
Value: 1
.clkmg.com/ Name: lids
Value: 2315333-169764+
.clkmg.com/ Name: vid
Value: 1047805531
wsalgreensusa.com/ Name: __tad
Value: 1720775131.4741689