urlscan.io logo urlscan.io
SecurityTrails logo

mcdonalds.promobr.site Open in urlscan Pro
188.166.202.210  Public Scan

Go To Rescan Add Verdict Report
URL: https://mcdonalds.promobr.site/?rEWjz
Submission: On December 09 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 2 HTTP transactions. The main IP is 188.166.202.210, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is mcdonalds.promobr.site.
TLS certificate: Issued by 142.93.140.12 on May 12th 2019. Valid for: 10 years.
This is the only time mcdonalds.promobr.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 188.166.202.210 14061 (DIGITALOC...)
1 1 67.202.94.86 32748 (STEADFAST)
1 185.225.208.133 13213 (UK2NET-AS)
2 2
Apex Domain
Subdomains		 Transfer
2 amung.us
whos.amung.us
widgets.amung.us
664 B
1 promobr.site
mcdonalds.promobr.site
993 B
2 2
Domain Requested by
1 widgets.amung.us mcdonalds.promobr.site
1 whos.amung.us 1 redirects
1 mcdonalds.promobr.site
2 3

This site contains no links.

Subject Issuer Validity Valid
142.93.140.12
142.93.140.12		 2019-05-12 -
2029-05-09		 10 years crt.sh
whos.amung.us
GeoTrust EV RSA CA 2018		 2018-03-09 -
2020-05-25		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://mcdonalds.promobr.site/?rEWjz
Frame ID: 240BC4AA15967AF2E42A3C52E92A2A7D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

1 kB
Transfer

1 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://whos.amung.us/swidget/ofertala.png HTTP 307
  • https://widgets.amung.us/small/00/1.png

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
mcdonalds.promobr.site/ 		210 B
993 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcdonalds.promobr.site/?rEWjz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.166.202.210 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx / PHP/7.2.18
Resource Hash
5764bcafed0e2ab001498c6fb65fed06f4b01c107adc7a2a4e133c6d898227db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
mcdonalds.promobr.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

Server
nginx
Date
Mon, 09 Dec 2019 23:12:58 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.18
Last-Modified
Mon, 09 Dec 2019 23:12:58 GMT
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Expires
0
Set-Cookie
_subid=2fk7poqde4bv296fjunin;Expires=Thursday, 09-Jan-2020 23:12:58 GMT;Max-Age=2678400;Path=/ b3e3d=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM3XCI6MTU3NTkzMzE3OH0sXCJjYW1wYWlnbnNcIjp7XCIyN1wiOjE1NzU5MzMxNzh9LFwidGltZVwiOjE1NzU5MzMxNzh9In0.69PLjAuVfiZdw8CWx1AKpaREXOoJwwCdVMVhGgiVicI;Expires=Thursday, 09-Jan-2020 23:12:58 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options
nosniff
Content-Encoding
gzip
1.png
widgets.amung.us/small/00/
Redirect Chain
  • https://whos.amung.us/swidget/ofertala.png
  • https://widgets.amung.us/small/00/1.png
308 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/small/00/1.png
Requested by
Host: mcdonalds.promobr.site
URL: https://mcdonalds.promobr.site/?rEWjz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
f05e8eb89115b462b9eed4c6f8fb2df9a885d2bc613bbad7ecabec03ef0cfc47

Request headers

Referer
https://mcdonalds.promobr.site/?rEWjz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 23:16:18 GMT
last-modified
Sun, 13 Jun 2010 09:48:29 GMT
access-control-allow-origin
*
etag
"4c14a96d-134"
content-type
image/png
status
200
cache-control
max-age=86400, private
accept-ranges
bytes
content-length
308
expires
Tue, 10 Dec 2019 23:16:18 GMT

Redirect headers

status
307
date
Mon, 09 Dec 2019 23:16:18 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://widgets.amung.us/small/00/1.png
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Domain/Path Name / Value
mcdonalds.promobr.site/ Name: b3e3d
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM3XCI6MTU3NTkzMzE3OH0sXCJjYW1wYWlnbnNcIjp7XCIyN1wiOjE1NzU5MzMxNzh9LFwidGltZVwiOjE1NzU5MzMxNzh9In0.69PLjAuVfiZdw8CWx1AKpaREXOoJwwCdVMVhGgiVicI
mcdonalds.promobr.site/ Name: _subid
Value: 2fk7poqde4bv296fjunin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mcdonalds.promobr.site
whos.amung.us
widgets.amung.us
185.225.208.133
188.166.202.210
67.202.94.86
5764bcafed0e2ab001498c6fb65fed06f4b01c107adc7a2a4e133c6d898227db
f05e8eb89115b462b9eed4c6f8fb2df9a885d2bc613bbad7ecabec03ef0cfc47