getmymrewards.com
Open in
urlscan Pro
185.66.141.28
Malicious Activity!
Public Scan
Submission: On November 08 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 13th 2022. Valid for: 3 months.
This is the only time getmymrewards.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
32 | 185.66.141.28 185.66.141.28 | 200514 (KNOWNSRV) (KNOWNSRV) | |
1 | 2600:9000:21f... 2600:9000:21f3:3c00:d:dc73:ab80:21 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 2600:9000:21f... 2600:9000:21f3:ec00:1b:9327:5500:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:3c01::f0... 2600:3c01::f03c:91ff:fe79:43b | 63949 (LINODE-AP...) (LINODE-AP Linode) | |
39 | 4 |
ASN16509 (AMAZON-02, US)
dby7kx9z9yzse.cloudfront.net |
ASN16509 (AMAZON-02, US)
dwmsurhf1svv8.cloudfront.net |
ASN63949 (LINODE-AP Linode, LLC, US)
www.jsonip.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
getmymrewards.com
getmymrewards.com |
653 KB |
6 |
cloudfront.net
dby7kx9z9yzse.cloudfront.net dwmsurhf1svv8.cloudfront.net |
29 KB |
1 |
jsonip.com
www.jsonip.com |
411 B |
39 | 3 |
Domain | Requested by | |
---|---|---|
32 | getmymrewards.com |
getmymrewards.com
|
5 | dwmsurhf1svv8.cloudfront.net |
dby7kx9z9yzse.cloudfront.net
|
1 | www.jsonip.com |
getmymrewards.com
|
1 | dby7kx9z9yzse.cloudfront.net |
getmymrewards.com
|
39 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.getmymrewards.com R3 |
2022-10-13 - 2023-01-11 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
jsonip.com R3 |
2022-09-13 - 2022-12-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://getmymrewards.com/
Frame ID: 798310930BD87ED19A586600C30C277B
Requests: 39 HTTP requests in this frame
Screenshot
Page Title
Earn MyMcDonald's® RewardsDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
SweetAlert (JavaScript Libraries) Expand
Detected patterns
- <link[^>]+?href="[^"]+sweet-alert(?:\.min)?\.css
- sweet(?:-)?alert(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
getmymrewards.com/ |
38 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css8f84.css
getmymrewards.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
getmymrewards.com/font-awesome/4.5.0/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fancySelect.css
getmymrewards.com/css/ |
4 KB 950 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
getmymrewards.com/css/ |
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweet-alert.css
getmymrewards.com/css/ |
14 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
getmymrewards.com/css/ |
67 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
magnific-popup.css
getmymrewards.com/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
getmymrewards.com/css/ |
35 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3a08f39.js
dby7kx9z9yzse.cloudfront.net/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cellphone.png
getmymrewards.com/img/ |
342 B 404 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
getmymrewards.com/img/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gems-icon.png
getmymrewards.com/img/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sectionfirstbg2.png
getmymrewards.com/img/ |
94 KB 94 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mcdpoints.png
getmymrewards.com/img/ |
139 KB 139 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
getmymrewards.com/ajax/libs/jquery/2.1.4/ |
82 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fancySelect.js
getmymrewards.com/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.equalheights.js
getmymrewards.com/js/ |
467 B 314 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.parallax-1.1.3.js
getmymrewards.com/js/ |
58 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweet-alert.min.js
getmymrewards.com/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.animatecss.min.js
getmymrewards.com/js/ |
1 KB 536 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.magnific-popup.min.js
getmymrewards.com/js/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.nicescroll.min.js
getmymrewards.com/js/ |
60 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.smooth-scroll.min.js
getmymrewards.com/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validator.min.js
getmymrewards.com/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-scripts.js
getmymrewards.com/js/ |
1 KB 569 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
getmymrewards.com/js/ |
41 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.2481791.b991a.0.js
dwmsurhf1svv8.cloudfront.net/public/external/v2/ |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
dwmsurhf1svv8.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
headerbg.png
getmymrewards.com/img/ |
147 KB 147 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sectionfirstbg.png
getmymrewards.com/img/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sectionsecondbg.jpg
getmymrewards.com/img/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sectionthirdbg.png
getmymrewards.com/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont3295.woff2
getmymrewards.com/font-awesome/4.5.0/fonts/ |
65 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
US.png
getmymrewards.com/img/cf/ |
541 B 595 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
dwmsurhf1svv8.cloudfront.net/public/clockers/PrimeApps/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
json
www.jsonip.com/ |
110 B 411 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
dwmsurhf1svv8.cloudfront.net/public/ |
0 276 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
dwmsurhf1svv8.cloudfront.net/public/external/ |
78 B 371 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| MyIP number| eenum number| ee function| dis_num2 function| formatAMPM function| $ function| jQuery function| swal function| sweetAlert object| NiceScroll function| submitForm function| formSuccess function| formError function| submitMSG object| X00Gems object| X00CF function| X00Random number| X00ActivityIntervalSeconds number| X00ActivitySecondsCurrent function| X00ActivitiesAdd number| eenum2 function| dis_num3 boolean| ChatReplied object| ChatDate string| ChatUserName object| ChatUserNames object| ChatContent object| ChatAntiBot function| rng function| Random function| ChatAddEntry function| ChatLog function| ChatStart1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
getmymrewards.com/ | Name: _cpguid Value: 2v8ixhh8u |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dby7kx9z9yzse.cloudfront.net
dwmsurhf1svv8.cloudfront.net
getmymrewards.com
www.jsonip.com
185.66.141.28
2600:3c01::f03c:91ff:fe79:43b
2600:9000:21f3:3c00:d:dc73:ab80:21
2600:9000:21f3:ec00:1b:9327:5500:21
0095cb079d1aa7e7f3fa395f908f9ee3ab6cf5fdbbbdcfedd0a313dd0a951dcd
0d3020fb8b26be3f731c75b17fa0538bc04e63f26693934efb381b393a5915fd
0de0e24ac0788d1b1f1933371cb4cb24a96a042b9323f827415cef531e885f8c
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
121398dd2faed62e967f9667a0006feb09aff16207fb4db790a7e223cff30fe6
135922615df355461155701925a7534d9e94c0d0433160ffa68c100ed9524e14
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23c47e5ffaef8f1acd13d7126549a7a15f8e01f3eb8be1afbc765816a4affaa6
2b06722bc2e39524bbc2dba9f215f09b5a84ada1b7ac1af8ea604faa8f314731
38ba4aae0abb134bb6c0f2075220ae4c9e526114627f39362b7c5c0562e0dbf7
39f71d43cf66415c9f6950197fc0d51682f2113c57cb04c635f18686355e0c31
3aae03f8a8daad95440b46d78675838c8fc7a52362a6d657071554d86f2c9c55
44e3b50966649f43d330e62a4ce131b86a45dab067b5f27a0c19d86895575f9d
4c9ba1536953b70ddeace06f11e12ea6d4522926d93c1288e485a9f6cd9f28c3
5a3d165856e87df2c5b89f4d95340837e537b658abc2574554644b00247f87c6
5bddfe151456d353615c71bff6088636fc1d97a927c89546766269c9d5529621
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
7e15a70fdc29b8f26e7955290c23c2753232f7c6996e32220dd93b226932873b
988df212c000f1c5b3043b9813ed991815089f0dac63ad094351eb372166f9ff
9b814101cf60ce8c628991f20ebbb274e1b183600c94ab38c0d31162bbdef34c
9e84a63f3fd12a7cfbc7ba74e643da3989adcafcd9e6b7f41e1dcdc066c5f51a
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a626902c69a38f8014e49e23d257c61cef15195ab30c5fabce469dad0cea995b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
bab43c7d2a6329d37b30e4f14682676bbfdbb9e13214516b98629027cf37cc44
be013828b8a66ccdbdc65234532cfd4a04a73c7778a42d7b0bf952278846f1a2
c31a654938abf168fca328d9663ea83999b87ff36d18b016ea8aace1a9cb2cb1
cc734238641e59ae87317b7d147951136d34104d4bffa68fb4be0470637fce3b
d2a026b54fde762eb74ee1fe14172a88d29100f80f08659e036c1611fdfe18e3
d34b191097c6eeebcf260831797e381db3d1214bdc6a2a281256eb6ae1f5ce94
e38dc1eb6b124c750b20d45ce60306a770ef2e1dd0d5039d93115199a9d63511
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc
fabba2271f29d8ed07720af5e92f3761370a10d21e3f15bcfacb786fcd849cc0
ff5f3e5d9a83c364489d794b9bb009f3f7a06ff2c5ff0d8f6df2b5270cea2de2
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995