www.macys.com Open in urlscan Pro
184.30.24.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dev.googld.sk/
Effective URL:
https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_...
Submission Tags: @phishunt_io
Submission: On November 01 via api (November 1st 2021, 8:40:23 pm UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 184.30.24.173, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.macys.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 23rd 2020. Valid for: 2 years.

This is the only time www.macys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	199.59.242.153 199.59.242.153	395082 (BODIS-NJ) (BODIS-NJ)
1	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
1	35.163.155.193 35.163.155.193	16509 (AMAZON-02) (AMAZON-02)
1 1	52.33.166.114 52.33.166.114	16509 (AMAZON-02) (AMAZON-02)
1 1	34.249.182.181 34.249.182.181	16509 (AMAZON-02) (AMAZON-02)
1 2	184.30.24.173 184.30.24.173	16625 (AKAMAI-AS) (AKAMAI-AS)
10	4

7 199.59.242.153 (United States)

ASN395082 (BODIS-NJ, US)

dev.googld.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.155.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-155-193.us-west-2.compute.amazonaws.com

query.pureleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.166.114 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-166-114.us-west-2.compute.amazonaws.com

queryclick.pureleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.182.181 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-182-181.eu-west-1.compute.amazonaws.com

6102.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.173 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-173.deploy.static.akamaitechnologies.com

www.macys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googld.sk dev.googld.sk	24 KB
2	macys.com 1 redirects www.macys.com	2 KB
2	pureleads.com 1 redirects query.pureleads.com queryclick.pureleads.com	1 KB
1	xg4ken.com 1 redirects 6102.xg4ken.com	809 B
1	google.com www.google.com	55 KB
10	5

	Domain	Requested by
7	dev.googld.sk	dev.googld.sk
2	www.macys.com	1 redirects
1	6102.xg4ken.com	1 redirects
1	queryclick.pureleads.com	1 redirects
1	query.pureleads.com	dev.googld.sk
1	www.google.com	dev.googld.sk
10	6

This site contains no links.

Subject Issuer	Validity	Valid
dev.googld.sk R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
query.pureleads.com Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
www.macys.com Sectigo RSA Organization Validation Secure Server CA	`2020-04-23` - `2022-04-23`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid_56638c79-0db2-483e-903f-c8c1046e777e_&m_ag=macys&m_cn=Macys_-_Brand&m_pi=kclickid_56638c79-0db2-483e-903f-c8c1046e777e__shorelinesearch27-11-01_201839899_451263060
Frame ID: 4897E92079FC5FEAA0C4F144EC10E467
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access Denied

Page URL History Show full URLs

https://dev.googld.sk/ Page URL
https://query.pureleads.com/?data=1bgK1opw1sVEQWwoTgab88A%2Bc1zaV%2BSubIJj1%2Fe6gcKCr%2FR4dS8yAHc5lKgb74... Page URL
https://queryclick.pureleads.com/index_click.php?q=https%3A%2F%2F6102.xg4ken.com%2Fmedia%2Fredir.php%3Fprof%3... HTTP 302
https://6102.xg4ken.com/media/redir.php?prof=502&affcode=uc|resilion|Macys%20-%20Brand|Brand|macys|E... HTTP 307
https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resil... HTTP 302
https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resil... Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

80 kB
Transfer

215 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dev.googld.sk/ Page URL
https://query.pureleads.com/?data=1bgK1opw1sVEQWwoTgab88A%2Bc1zaV%2BSubIJj1%2Fe6gcKCr%2FR4dS8yAHc5lKgb74uiQBOergmoVRy817MemzT2ZZ6YxjtenNBEeNudJOMEI7DXM8Jy85PjJJPDaRTVW%2BGSu12KzgVLIzO99giA26jvQZQSLx2oJ8oiMC%2BztPbVwl71I%2BzLv5TSPv4AcJUEFderALR3kTY7xGdNjBYFMb8u%2BA%2BhyHpy5mbpozumXelNSjWZpoSuGvc37zogsea9yHs3oEXKO26tdOQW8PSFGBtRlP6g%2FD6xQ9HfU5E%2BGGCTTl1W61nA8R2JhiHVPbUkrWwTJh4XmDaQYZfQ9aBVbOcvwkjq74otDV8hK4cjEINUcKrm9qruxbE32VwQWuqDdqatJbyKq0WqB7b2DZ13voqzdN5keqGEyITVmpoVwq74hnT3PnjPJe1DAwB%2BkIAIyObC0lxrOk11klwp88FQo7Kzs%2BVeT38ejb3rMyEkBWqhr%2FbgL0ww6jYBQsROuGSQXhQsoFryVoDZBqvQnE6F%2Bsgyv0%2F2rqVoHVgVc6n6YpN6DN8xrHlFqanK1jG46wx%2FmCVQK919IzXJUrH75ySZF4F%2BPAq0MkmcU3oOj4iwjiEYwtK0gCLrN5gOTWrs1WiMawQpII80YTFCdCwYZUL2pV1TGFthxjdHzi9Xj2LserRXlsGDQWIXK20oQubCDcgCUZezViIdrzCZZ5ep%2FookB1Y4C%2BF2p%2FJOK1o4I4Upq3Vwhc5fQ%2Bkk2MaUNLrsu2dfaDSvsEYZezDuY1IEAnlrBDjGJWijpr3TLv9Z3psCEQUwr5LBr%2BJpbeU7i1jq9FvAsPyTLsa2LF0ZBhSptNw%2B0vYbu5WLbzvEoRvZ2ZAp3xRaAtaqKQkuQThkW%2FszVs1TRVAbBHc3NPMysBti%2F829xeefFzRMY0woZg3z727WUbCxryz5zEnCuApwJq4JgFWASY1F1oWMVk87%2B%2BULiSRsyQ655hH4HIP9qWW85wOCXjTtZIGMKzR7NuesMfriUH4wf%2FxBaCBBIcxrrj8LoGwi1fP1irTXY%2BmY610ThjpxKtEXVkJTD%2FmU2q%2F7WlfO4MnL%2FyGWvxQBF1j4jvz%2FJNHujxHeFDa7H%2BXbIWKdRzMPIh15mmoPyDvqkoM%2FgUFoIZNIg2DknjsG1tZFhOtthZIg4ewmVI1O1x%2FKkl5IISUloZaVOr%2F3RcGhcqEOMN4xxhM6m0psBLPsUgwkMsnX3HqDJ9A7CkuedqjKMs%2BibWXHMkiKAAU%3D Page URL
https://queryclick.pureleads.com/index_click.php?q=https%3A%2F%2F6102.xg4ken.com%2Fmedia%2Fredir.php%3Fprof%3D502%26affcode%3Duc%7Cresilion%7CMacys%20-%20Brand%7CBrand%7Cmacys%7CExact%26url%3Dhttps%3A%2F%2Fwww.macys.com%2F%3Fm_sc%3Dsem%26m_sb%3DResilion%26m_tp%3DSearch%26m_ac%3DGoogle_Resilion%26cm_mmc%3DGoogle_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid__kenshoo_clickid__%26m_ag%3Dmacys%26m_cn%3DMacys_-_Brand%26m_pi%3Dkclickid__kenshoo_clickid___shorelinesearch27-11-01_201839899_451263060&i=shorelinesearch27-11-01_201839899_451263060 HTTP 302
https://6102.xg4ken.com/media/redir.php?prof=502&affcode=uc|resilion|Macys%20-%20Brand|Brand|macys|Exact&url=https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid__kenshoo_clickid__&m_ag=macys&m_cn=Macys_-_Brand&m_pi=kclickid__kenshoo_clickid___shorelinesearch27-11-01_201839899_451263060 HTTP 307
https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid_56638c79-0db2-483e-903f-c8c1046e777e_&m_ag=macys&m_cn=Macys_-_Brand&m_pi=kclickid_56638c79-0db2-483e-903f-c8c1046e777e__shorelinesearch27-11-01_201839899_451263060 HTTP 302
https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid_56638c79-0db2-483e-903f-c8c1046e777e_&m_ag=macys&m_cn=Macys_-_Brand&m_pi=kclickid_56638c79-0db2-483e-903f-c8c1046e777e__shorelinesearch27-11-01_201839899_451263060 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
dev.googld.sk/ 2 KB
2 KB 381ms
106ms Document
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.googld.sk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 35d582b193fa059b5161b0df916e4d77f129dcb6c096f089df8106a882332cf6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty
date: Mon, 01 Nov 2021 20:40:19 GMT
content-type: text/html; charset=UTF-8
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_NYIxi+qA3IkH3zr7OCcJ67ulIDdNJMy7P7/uuKaE4ACtpN3kUEUNCdJNiA3rOqNsvYHsOHVKuFpzpTCIw9ZzHw==
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
content-encoding: gzip

GET
H2 200 parking.2.72.5.js Show response
dev.googld.sk/js/ 58 KB
19 KB 88ms
88ms Script
application/javascript 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.googld.sk/js/parking.2.72.5.js
Requested by: Host: dev.googld.sk
URL: https://dev.googld.sk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: e4c90707455684821393510b76477f714adad6b50aac178cd8188555996f9a0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev.googld.sk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 20:40:19 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 20:43:55 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 _fd Show response
dev.googld.sk/ 505 B
735 B 192ms
192ms Fetch
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.googld.sk/_fd
Requested by: Host: dev.googld.sk
URL: https://dev.googld.sk/js/parking.2.72.5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: a535aae1b8929152be06f223f6762d5c3e8e20eae09430b77b5b1c8b07f91418

Request headers

Accept: application/json
Referer: https://dev.googld.sk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 20:40:19 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
x-version: 2.72.5
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 152 KB
55 KB 78ms
26ms Script
text/javascript 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: dev.googld.sk
URL: https://dev.googld.sk/js/parking.2.72.5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

sffe /

Resource Hash

4c1196b1d09f9e4f3d5f9f8c3c5f6178382ace54d6a8d5f85a21eb36f99afa5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev.googld.sk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 20:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
etag: "6064212550269180432"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
expires: Mon, 01 Nov 2021 20:40:19 GMT

GET
H2 200 px.gif
dev.googld.sk/ 42 B
269 B 96ms
95ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dev.googld.sk/px.gif?ch=1&rn=3.7217339510124647
Requested by: Host: dev.googld.sk
URL: https://dev.googld.sk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev.googld.sk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 20:40:19 GMT
last-modified: Thu, 06 Aug 2020 15:09:01 GMT
server: openresty
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 42
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 px.gif
dev.googld.sk/ 42 B
269 B 96ms
95ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dev.googld.sk/px.gif?ch=2&rn=3.7217339510124647
Requested by: Host: dev.googld.sk
URL: https://dev.googld.sk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev.googld.sk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 20:40:19 GMT
last-modified: Thu, 06 Aug 2020 15:09:01 GMT
server: openresty
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 42
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 _zc Show response
dev.googld.sk/ 2 KB
2 KB 687ms
687ms Fetch
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.googld.sk/_zc
Requested by: Host: dev.googld.sk
URL: https://dev.googld.sk/js/parking.2.72.5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 53f4e6dd3b318665541701ae215254933a89b468db1a38d0d720929f73cb0c54

Request headers

Accept: application/json
Referer: https://dev.googld.sk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 20:40:20 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
x-version: 2.72.5
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 _tr
dev.googld.sk/ 2 B
0 163ms
163ms Fetch
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.googld.sk/_tr
Requested by: Host: dev.googld.sk
URL: https://dev.googld.sk/js/parking.2.72.5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: application/json
Referer: https://dev.googld.sk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 20:40:20 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
x-version: 2.72.5
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
query.pureleads.com/ 720 B
851 B 559ms
206ms Document
text/html 35.163.155.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://query.pureleads.com/?data=1bgK1opw1sVEQWwoTgab88A%2Bc1zaV%2BSubIJj1%2Fe6gcKCr%2FR4dS8yAHc5lKgb74uiQBOergmoVRy817MemzT2ZZ6YxjtenNBEeNudJOMEI7DXM8Jy85PjJJPDaRTVW%2BGSu12KzgVLIzO99giA26jvQZQSLx2oJ8oiMC%2BztPbVwl71I%2BzLv5TSPv4AcJUEFderALR3kTY7xGdNjBYFMb8u%2BA%2BhyHpy5mbpozumXelNSjWZpoSuGvc37zogsea9yHs3oEXKO26tdOQW8PSFGBtRlP6g%2FD6xQ9HfU5E%2BGGCTTl1W61nA8R2JhiHVPbUkrWwTJh4XmDaQYZfQ9aBVbOcvwkjq74otDV8hK4cjEINUcKrm9qruxbE32VwQWuqDdqatJbyKq0WqB7b2DZ13voqzdN5keqGEyITVmpoVwq74hnT3PnjPJe1DAwB%2BkIAIyObC0lxrOk11klwp88FQo7Kzs%2BVeT38ejb3rMyEkBWqhr%2FbgL0ww6jYBQsROuGSQXhQsoFryVoDZBqvQnE6F%2Bsgyv0%2F2rqVoHVgVc6n6YpN6DN8xrHlFqanK1jG46wx%2FmCVQK919IzXJUrH75ySZF4F%2BPAq0MkmcU3oOj4iwjiEYwtK0gCLrN5gOTWrs1WiMawQpII80YTFCdCwYZUL2pV1TGFthxjdHzi9Xj2LserRXlsGDQWIXK20oQubCDcgCUZezViIdrzCZZ5ep%2FookB1Y4C%2BF2p%2FJOK1o4I4Upq3Vwhc5fQ%2Bkk2MaUNLrsu2dfaDSvsEYZezDuY1IEAnlrBDjGJWijpr3TLv9Z3psCEQUwr5LBr%2BJpbeU7i1jq9FvAsPyTLsa2LF0ZBhSptNw%2B0vYbu5WLbzvEoRvZ2ZAp3xRaAtaqKQkuQThkW%2FszVs1TRVAbBHc3NPMysBti%2F829xeefFzRMY0woZg3z727WUbCxryz5zEnCuApwJq4JgFWASY1F1oWMVk87%2B%2BULiSRsyQ655hH4HIP9qWW85wOCXjTtZIGMKzR7NuesMfriUH4wf%2FxBaCBBIcxrrj8LoGwi1fP1irTXY%2BmY610ThjpxKtEXVkJTD%2FmU2q%2F7WlfO4MnL%2FyGWvxQBF1j4jvz%2FJNHujxHeFDa7H%2BXbIWKdRzMPIh15mmoPyDvqkoM%2FgUFoIZNIg2DknjsG1tZFhOtthZIg4ewmVI1O1x%2FKkl5IISUloZaVOr%2F3RcGhcqEOMN4xxhM6m0psBLPsUgwkMsnX3HqDJ9A7CkuedqjKMs%2BibWXHMkiKAAU%3D
Requested by: Host: dev.googld.sk
URL: https://dev.googld.sk/js/parking.2.72.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.155.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-155-193.us-west-2.compute.amazonaws.com
Software: Apache/2.4.27 (Amazon) PHP/7.1.20 / PHP/7.1.20
Resource Hash: de4808cf78afe947b6e749720092b6313edca5d1a5941ebbba646ff41facf01f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dev.googld.sk/

Response headers

date: Mon, 01 Nov 2021 20:40:21 GMT
content-type: text/html; charset=UTF-8
content-length: 720
server: Apache/2.4.27 (Amazon) PHP/7.1.20
x-powered-by: PHP/7.1.20

GET
H2

302

Primary Request / Show response
www.macys.com/
Redirect Chain

https://queryclick.pureleads.com/index_click.php?q=https%3A%2F%2F6102.xg4ken.com%2Fmedia%2Fredir.php%3Fprof%3D502%26affcode%3Duc%7Cresilion%7CMacys%20-%20Brand%7CBrand%7Cmacys%7CExact%26url%3Dhttps...
https://6102.xg4ken.com/media/redir.php?prof=502&affcode=uc|resilion|Macys%20-%20Brand|Brand|macys|Exact&url=https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Go...
https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid_56638c79-0db2-483e-903f-c8c1046e777e_&m_ag=macys&m_cn=...
https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid_56638c79-0db2-483e-903f-c8c1046e777e_&m_ag=macys&m_cn=...

224 B
358 B

449ms
449ms

Document
text/html

184.30.24.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macys.com/?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid_56638c79-0db2-483e-903f-c8c1046e777e_&m_ag=macys&m_cn=Macys_-_Brand&m_pi=kclickid_56638c79-0db2-483e-903f-c8c1046e777e__shorelinesearch27-11-01_201839899_451263060
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bb4c8e4a7208d386c82537ca1bd5315ac6864d7b510e3e58c36ba9d84d8b62ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://query.pureleads.com/?data=1bgK1opw1sVEQWwoTgab88A%2Bc1zaV%2BSubIJj1%2Fe6gcKCr%2FR4dS8yAHc5lKgb74uiQBOergmoVRy817MemzT2ZZ6YxjtenNBEeNudJOMEI7DXM8Jy85PjJJPDaRTVW%2BGSu12KzgVLIzO99giA26jvQZQSLx2oJ8oiMC%2BztPbVwl71I%2BzLv5TSPv4AcJUEFderALR3kTY7xGdNjBYFMb8u%2BA%2BhyHpy5mbpozumXelNSjWZpoSuGvc37zogsea9yHs3oEXKO26tdOQW8PSFGBtRlP6g%2FD6xQ9HfU5E%2BGGCTTl1W61nA8R2JhiHVPbUkrWwTJh4XmDaQYZfQ9aBVbOcvwkjq74otDV8hK4cjEINUcKrm9qruxbE32VwQWuqDdqatJbyKq0WqB7b2DZ13voqzdN5keqGEyITVmpoVwq74hnT3PnjPJe1DAwB%2BkIAIyObC0lxrOk11klwp88FQo7Kzs%2BVeT38ejb3rMyEkBWqhr%2FbgL0ww6jYBQsROuGSQXhQsoFryVoDZBqvQnE6F%2Bsgyv0%2F2rqVoHVgVc6n6YpN6DN8xrHlFqanK1jG46wx%2FmCVQK919IzXJUrH75ySZF4F%2BPAq0MkmcU3oOj4iwjiEYwtK0gCLrN5gOTWrs1WiMawQpII80YTFCdCwYZUL2pV1TGFthxjdHzi9Xj2LserRXlsGDQWIXK20oQubCDcgCUZezViIdrzCZZ5ep%2FookB1Y4C%2BF2p%2FJOK1o4I4Upq3Vwhc5fQ%2Bkk2MaUNLrsu2dfaDSvsEYZezDuY1IEAnlrBDjGJWijpr3TLv9Z3psCEQUwr5LBr%2BJpbeU7i1jq9FvAsPyTLsa2LF0ZBhSptNw%2B0vYbu5WLbzvEoRvZ2ZAp3xRaAtaqKQkuQThkW%2FszVs1TRVAbBHc3NPMysBti%2F829xeefFzRMY0woZg3z727WUbCxryz5zEnCuApwJq4JgFWASY1F1oWMVk87%2B%2BULiSRsyQ655hH4HIP9qWW85wOCXjTtZIGMKzR7NuesMfriUH4wf%2FxBaCBBIcxrrj8LoGwi1fP1irTXY%2BmY610ThjpxKtEXVkJTD%2FmU2q%2F7WlfO4MnL%2FyGWvxQBF1j4jvz%2FJNHujxHeFDa7H%2BXbIWKdRzMPIh15mmoPyDvqkoM%2FgUFoIZNIg2DknjsG1tZFhOtthZIg4ewmVI1O1x%2FKkl5IISUloZaVOr%2F3RcGhcqEOMN4xxhM6m0psBLPsUgwkMsnX3HqDJ9A7CkuedqjKMs%2BibWXHMkiKAAU%3D

Response headers

server: AkamaiNetStorage
content-length: 224
content-type: text/html
etag: "bfb4b334be4999f9b14aefe6a14b6e59:1555390819"
cache-control: max-age=600
date: Mon, 01 Nov 2021 20:40:22 GMT

Redirect headers

server: AkamaiGHost
content-length: 0
location: /?m_sc=sem&m_sb=Resilion&m_tp=Search&m_ac=Google_Resilion&cm_mmc=Google_Resilion-_-Macys_-_Brand_Brand-_-macys-_-kclickid_56638c79-0db2-483e-903f-c8c1046e777e_&m_ag=macys&m_cn=Macys_-_Brand&m_pi=kclickid_56638c79-0db2-483e-903f-c8c1046e777e__shorelinesearch27-11-01_201839899_451263060
date: Mon, 01 Nov 2021 20:40:21 GMT
server-timing: cdn-cache; desc=HIT edge; dur=2
content-security-policy: upgrade-insecure-requests;
cache-control: private, max-age=0, no-cache, must-revalidate
x-macys-device: PC

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dev.googld.sk/	1970-01-19 22:23:20	Name: parking_session Value: 0091a1a8-c453-cb97-a0c1-de8a25bed2f5
.xg4ken.com/	1970-01-20 07:08:55	Name: kenshoo_id Value: 56638c79-0db2-483e-903f-c8c1046e777e
.macys.com/	1969-12-31 23:59:59	Name: shippingCountry Value: DE
.macys.com/	1969-12-31 23:59:59	Name: currency Value: EUR
.macys.com/	1969-12-31 23:59:59	Name: SignedIn Value: 0
.macys.com/	1969-12-31 23:59:59	Name: GCs Value: CartItem1_92_03_87_UserName1_92_4_02_
www.macys.com/	1969-12-31 23:59:59	Name: akavpau_www_www1_macys Value: 1635799521~id=c7b8260b2460836fe20810427157d210
.macys.com/	1970-01-20 07:08:55	Name: _abck Value: 5A04B185E35283D0A69EF5973BDAEE0A~-1~YAAQvyR+aNtGi9Z8AQAAsEY73QYEnScd1YRoqoR6xWefGdyXp5LQDdbarqp+pdGQ1bh5ACbJFwMqZnb0wPyWQjVFm91A1N6fButCGzKOKvbACtNQ0y/Wax/lNjRcEhQsSFJj/kpN1C84nedf6HQDO7Lxf37dgYoZCvLqYarXKh1Q3eZdFNxZPSRIS5hKvqhAqERkGBNyVUhizeBK3VkOBaNOm/EfUoX3ERT+luMWpMzqVNq6ROzI7TR7BEShq6VIjelTDXDJP9wYXaGoG5HEF8z5iJtfYUW1G543t8Kwhxozn2WPfmrusyGBNFPC/Y+kIqLkT7cp6a9NlVbC/xwtH7995mD86n2iXkocpccdLqANRuMuRo7MDok8MA==~-1~-1~-1
.macys.com/	1970-01-19 22:23:33	Name: bm_sz Value: FB3F90A3C5619B32C0E7485D2E139263~YAAQvyR+aNxGi9Z8AQAAsEY73Q2D8qGdNua8/FlIwCOJOKkCVQXAyhTiIA1d9DPHelOXl+JtiUnaXa1RXYK2F68WOeNZ+YckOgHsJraktLP2QIwtgMMAxYVg1Elv9WQ5dDsn0mWq/vxd+zGyCzL1JD0o/xzWI2ZYZhPGlhx91vCcq4joV6sddN5dPEdOGWPbZCq2qtrWkYD1f3G2c3I9xjpuTcm8sW00dazNqqD3AS6CGlDy4DXqVecUv1Co3hyKCUSgrUXxkVg+b2/odg4jnaG5obSJTwNe0StnWwhEKU5UPw==~3421491~3752243

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6102.xg4ken.com
dev.googld.sk
query.pureleads.com
queryclick.pureleads.com
www.google.com
www.macys.com
142.250.186.132
184.30.24.173
199.59.242.153
34.249.182.181
35.163.155.193
52.33.166.114
35d582b193fa059b5161b0df916e4d77f129dcb6c096f089df8106a882332cf6
4c1196b1d09f9e4f3d5f9f8c3c5f6178382ace54d6a8d5f85a21eb36f99afa5b
53f4e6dd3b318665541701ae215254933a89b468db1a38d0d720929f73cb0c54
a535aae1b8929152be06f223f6762d5c3e8e20eae09430b77b5b1c8b07f91418
bb4c8e4a7208d386c82537ca1bd5315ac6864d7b510e3e58c36ba9d84d8b62ce
de4808cf78afe947b6e749720092b6313edca5d1a5941ebbba646ff41facf01f
e4c90707455684821393510b76477f714adad6b50aac178cd8188555996f9a0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.macys.com Open in urlscan Pro 184.30.24.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

4 IPs

3 Countries

80 kBTransfer

215 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

9 Cookies

Indicators

www.macys.com Open in urlscan Pro
184.30.24.173 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

80 kB
Transfer

215 kB
Size

9
Cookies

10 HTTP transactions
0 data transactions