www.rewardcardsusa.co
Open in
urlscan Pro
2.20.142.236
Malicious Activity!
Public Scan
URL:
http://www.rewardcardsusa.co/service/index.html?city=Cleveland&isp=KeyBank%20National%20Association&var1=probate.cuyahogacoun...
Submission: On June 08 via manual from US
Submission: On June 08 via manual from US
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 22 HTTP transactions.
The main IP is 2.20.142.236, located in
European Union and
belongs to AKAMAI-ASN1, US.
The main domain is www.rewardcardsusa.co.
This is the only time www.rewardcardsusa.co was scanned on urlscan.io!
This is the only time www.rewardcardsusa.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 4 | 2.20.142.236 2.20.142.236 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 216.58.205.234 216.58.205.234 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 17 | 2.20.143.15 2.20.143.15 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 22 | 3 |
4
2.20.142.236
(European Union)
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-142-236.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-142-236.deploy.static.akamaitechnologies.com
| www.rewardcardsusa.co |
1
216.58.205.234
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f234.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f234.1e100.net
| ajax.googleapis.com |
17
2.20.143.15
(European Union)
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-143-15.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-143-15.deploy.static.akamaitechnologies.com
| www.rewardcardsusa.co |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
rewardcardsusa.co
www.rewardcardsusa.co |
152 KB |
| 1 |
googleapis.com
ajax.googleapis.com |
33 KB |
| 22 | 2 |
| Domain | Requested by | |
|---|---|---|
| 21 | www.rewardcardsusa.co |
www.rewardcardsusa.co
|
| 1 | ajax.googleapis.com |
www.rewardcardsusa.co
|
| 22 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.offerswalk.com |
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://www.rewardcardsusa.co/service/index.html?city=Cleveland&isp=KeyBank%20National%20Association&var1=probate.cuyahogacounty.us&voluumdata=deprecated&eda=deprecated&cep=RmCECfF05HETJq0kOO26K5jmVemgBtfI3LZJ7mbnnxqsQJHrKPaXnp_LF4XpY1VHSWrzkZYXhpbTuRPT8v3pSFbu_jVz3DuWI-1BcJaoE6w4JQFwrvrNNZ1xPBWUs9Cl3PEZ6dSngPLIrLrUFyY8oQaNnzPWrne4V06MF0Dqetj5-g6nEVgTyb0bpL5mnqWREbAWvzExZG_9_pIW4GzJqkbzGFO7j7V8zUKFLylTAFynVL7JsSENT0ZO3sP8BX9Iwsr-SuNiO6qUTC2bLBJoT0e7CgwGlzZHVRW_7icnLk3fGuBWr8HCGf_QTr74m-rf&keyword=probate.cuyahogacounty.us&bid=0.0059&targetlink=
Frame ID: 344D7AFBFC4C718A3099AD8FDCC7AF9B
Requests: 22 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
URL: http://www.offerswalk.com/click/1
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.offerswalk.com/click/2
Title:
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
index.html
www.rewardcardsusa.co/service/ |
20 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.css
www.rewardcardsusa.co/service/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
www.rewardcardsusa.co/service/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loading.gif
www.rewardcardsusa.co/service/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fb-check.jpg
www.rewardcardsusa.co/service/ |
681 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
walmart1000.png
www.rewardcardsusa.co/service/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5star.png
www.rewardcardsusa.co/service/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
amazonsum1000.png
www.rewardcardsusa.co/service/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
45star.png
www.rewardcardsusa.co/service/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iphonex.jpg
www.rewardcardsusa.co/service/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8.jpg
www.rewardcardsusa.co/service/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wal1.jpg
www.rewardcardsusa.co/service/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9.jpg
www.rewardcardsusa.co/service/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
10.jpg
www.rewardcardsusa.co/service/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
12.jpg
www.rewardcardsusa.co/service/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ama1.jpg
www.rewardcardsusa.co/service/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
11.jpg
www.rewardcardsusa.co/service/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
smiley.png
www.rewardcardsusa.co/service/ |
26 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7.jpg
www.rewardcardsusa.co/service/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
13.jpg
www.rewardcardsusa.co/service/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aud6.mp3
www.rewardcardsusa.co/service/ |
3 KB 3 KB |
Media
audio/mp3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| getURLParameter function| date object| CountDown object| dayNames object| monthNames object| now function| countdown number| slidewhere number| holvanszlider function| drawszlider object| mydate function| exit_a1 function| exit_b1 function| exit_b2 number| nmins number| nsecs0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
www.rewardcardsusa.co
2.20.142.236
2.20.143.15
216.58.205.234
0de31f1ef17b1c526ceb2b8544584dc64a298092a055021784db31b79994260a
0dfb93b79f85acce12fdf0fb6a88db1715cbe6bfdaef3ecfc12956fbca48f0ac
11a89c1be8a5bb3c81d106979d76def0c1ee069e1bd82ce6805479ee7d484b8a
1ca3464b102ff158d88d2f7afeb95a12f1ca3d4391dcc54b255904a8a27bdd99
2226a47b7b6d41ff833406134fd926db8812a3a5554681722a615463d44af9de
3073a87b681e26c082aeebf338d04990847ea18f1ddfe35e0ccd569949c621f9
3746ff918957daaed89cbf9e7877feeba5a58e0c9c0f26d128c3af73a6c12787
42c53df84cc44dc869c989c76b9c6704a072111ee82b037418b83194b70833fd
435cc3ce131f0163b1ae4fed8ffa0537997f13ef9b98a496f0eb484c76a548f9
61a5b75bd3a5d8370fd543e656a9223bf98035cb0e9931849b2a78c94b7134db
6ff5751c24714bcbfbaf19c93755de00f0f46ec2f48c6a9e4c6674787631423b
72599d2d9cd4ff1d3e0464bb18adaeecfd65695067fe2f19e5f24076176a2da5
7a4ebadd047b548857ae1a7457fc7948c5c253f844c6b8d23d7f07ce817468e7
854afdd6b8a44eaeb7c65ac4a3333f72d7b487154a76b39ea1088c70a0f8ac0a
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b72d44fdce9d8293c82a5bc1f75a1f5801bec7bfc7a3a44750a39b58f973e477
b890c68fd5d4781962edd0cc6d8bf28bc21a261a6b251edd63c6cb16597b68e7
c38b02174f957812f5ef4e231f81f8ae5b12687f78d379066f5e877b01e2cd08
cff8e69f20a7951cfe62a95b5b3bdd6893cf218d3c9b3a5c910cffaca3ba509b
d3171ddb9c6f7f130753d08d08d18e89fdbda3433ae38da6261e6d1f14094528
d44b5fe2a942827e8f72ed857a5f31da3ae30bc11fa13e60c920058b9b566573
e9165a55583fae6b6328930bf33f307690b3d505b8d80608ba362fc09496847f