cosco-survey.com Open in urlscan Pro
2a06:98c1:3121::7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.robly.com/ls/click?upn=LiqnAEfKmcyre9ryB6mhfMRqq7J-2BLJPwUdosLZygcWFT3Yv7VOxVeCnlcSAjn4n8qckj79BcfVrFRMzFU...
Effective URL:
https://cosco-survey.com/tgt1/02-4/?cep=QU7rfguoog-arS2I789ij-70JCUmRgrbK3pOq1ZB7WG9gdPrmfq8f_riEU1md0DmSIkBSpge_pKcsdnQA...
Submission: On April 27 via manual (April 27th 2022, 5:34:03 pm UTC) from IN — Scanned from DE

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 39 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is cosco-survey.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2022. Valid for: a year.

This is the only time cosco-survey.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.54 167.89.123.54	11377 (SENDGRID) (SENDGRID)
1 1	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02)
23	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	13.224.195.67 13.224.195.67	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::ac43:9cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:226... 2600:9000:2261:d000:b:4623:cac0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	18.235.25.51 18.235.25.51	14618 (AMAZON-AES) (AMAZON-AES)
39	8

1 167.89.123.54 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net

email.robly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.174.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

www.fight2021.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

cosco-survey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-67.fra2.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ra342.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2261:d000:b:4623:cac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3e1y4kxkqljcb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.235.25.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-25-51.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	cosco-survey.com cosco-survey.com	593 KB
7	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 4439 trc.pushnami.com — Cisco Umbrella Rank: 4612	22 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
2	cloudfront.net d3e1y4kxkqljcb.cloudfront.net	14 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	ra342.com cdn.ra342.com
1	fight2021.com 1 redirects www.fight2021.com	3 KB
1	robly.com 1 redirects email.robly.com — Cisco Umbrella Rank: 146514	293 B
0	sigrce.one Failed js.sigrce.one Failed
39	9

	Domain	Requested by
23	cosco-survey.com	cosco-survey.com
4	trc.pushnami.com	api.pushnami.com
3	api.pushnami.com	cosco-survey.com api.pushnami.com
3	fonts.googleapis.com	cosco-survey.com
2	d3e1y4kxkqljcb.cloudfront.net	cosco-survey.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.ra342.com	cosco-survey.com
1	www.fight2021.com	1 redirects
1	email.robly.com	1 redirects
0	js.sigrce.one Failed	cosco-survey.com
39	10

This site contains links to these domains. Also see Links.

Domain
folkfurrow.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-22` - `2023-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.pushnami.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://cosco-survey.com/tgt1/02-4/?cep=QU7rfguoog-arS2I789ij-70JCUmRgrbK3pOq1ZB7WG9gdPrmfq8f_riEU1md0DmSIkBSpge_pKcsdnQA6SNu_gu-sRz73oPTeEe_g0rEjmlhBqCqfHNqWnfasER-ivJXAER14lLpsHbXeI-ua6jUsqiil53l8icM99dxISdPzuvfeNmnRGrb9ccMtrfbvs5PuvVJp1n05TvGLGD6ruACFGe4oLOCm864n1UT1WmV1GzVS6xHnlReEZ70Wjo4RE1yxWs-NLyFUYMOgODY8Xeb-T8ZkKELhZmLo9j4d01VxD2mzhZeoTBZ9fvyuxMmSrd-EcHWu000H59irtBKd3T9Vds3ZdyXUAPmF--DtIFIg4Te34xjwHBHYQAIaweQgqzW3exfop6OxGJK0lq6QGaw8z66lbeXN8d8cIjDIdvKTzrlHA-sQbpfhb59nUE13Y8naarBOyLCitgZ2TL9V1yg4jTcRGIAEHRk4S0pVr-Ox-VRhThOq1HxZgLnO1HlBvGEUlwxdLeyILGr3YSCBTWCh4CWOZfG5cM9dm7mrxKZOCW5NAAyb3jCFEenJDccQyniOQaDiG6K-OpWkzDcUhn3_BQXJ2oWEWaoyvi9XTkDGsYkJyDRJT9MUo9esszuycLKeCLH7CTZx_6t0ExJc3anGwSTqGSRyCNLt-Qy6zvdrxWy8FtNrD3tbqPSKtvJzEHF_r0fber2urF-gKUofTprV2liZX6jnSE3dhsQCW_4d3nb47_g26-EyFMp3OkYLHR9z7AS08swLB7kqStUSdeYmWsTny41AqxVwHshNVIcA-XQgf9Ol26ahrxUBT5RwrEfL-5JaL894rYmr-ff3LdukSis9kbHnvF4P3mVQ_X5dt5fr8KIey7LNi3ZewrMrIv_3ga-H-yLSYV4TJhMsDdsDfCkwZleZUa4qqvqPEKsdf0Z6tY4fhvT-ZR-6hL41qGKf0gfBZbxHLf4ox-7YM0EbnMPXf9Or3FAQ2EbUsfid1fenex4h1HKWZx5UEPj24W28M31jF1NjuRLBKCNuTcm4j5DpTqpuuxQIQYoUDgoUlpGg8LNK6YH_FILjcGwCdFu1nbPvTbvVHkyQLe8nWjbuO_7d2dFMxDraBEZnfcz3vEmKrly6feCNt34QrM84CZzIVGSpH8pEVXdnYXBpmMvXqrPpsHDArtmoCz3byEHfMU2hfs7V4lkOxEGOncw3qUgQRXB36KMAjQzB6mRnehXGf5njxd4bs5LMW9tPpQ9uXnbOrizrZwj4F6FAIq-OyFqaWpneUSxm_l933iMup0ngWH4OMpaisOnGiDSBVwxUYTByKSDdxW8tcyD4WsPo31EVX4W7GqFvrujNiMjVHVw5XbQJB4ZzrWxGrHKWoAKCXUlPgiNStC2W23w0b80tWckf_IFu_6GKz7CayuGclm7LGOOdxA07xXR2pgaNKoGQbSD2MbllsJN0BTW2632-hrjF_q5bDmdRo3FQmZ8Ega4Zoi2qLpvTYF4JsDTFuytJYiA9ewEdSJ-Am3OZXOyGL0wKtfFmzkTCOBlZ0qrmYbmw&lptoken=167d5141087426ce385f&sub1=xxx1&sub2=xxx2&AD=AD1
Frame ID: BBC279DB37CE40B830FE5F7E872837E0
Requests: 33 HTTP requests in this frame

Frame: https://cosco-survey.com/tgt1/02-4/RewardPending_files/hub.html
Frame ID: D9FC62E44DB71780C5571AB978128F65
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: F2EE542AA3790942B38715A9C16B8B92
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 4648C14D303DC9B37976643C5E35E313
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎁 [1] Reward Pending!

Page URL History Show full URLs

http://email.robly.com/ls/click?upn=LiqnAEfKmcyre9ryB6mhfMRqq7J-2BLJPwUdosLZygcWFT3Yv7VOxVeCnlcSAjn... HTTP 302
https://www.fight2021.com/02324059-ca91-4f1b-9b7e-8ef573d13db1?sub1=xxx1&sub2=xxx2&AD=AD1 HTTP 302
https://cosco-survey.com/tgt1/02-4/?cep=QU7rfguoog-arS2I789ij-70JCUmRgrbK3pOq1ZB7WG9gdPrmfq8f_riEU1md... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

95 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

644 kB
Transfer

963 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://folkfurrow.com/p_v3/terms2.php
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.robly.com/ls/click?upn=LiqnAEfKmcyre9ryB6mhfMRqq7J-2BLJPwUdosLZygcWFT3Yv7VOxVeCnlcSAjn4n8qckj79BcfVrFRMzFUwJViqb73t5l3WE1xfJBfIj8Flx-2Fijb-2FIJ550xoHf7xQ7g-2Bxq6Fm-2FJ16zXLdau8XhhjDyQ-3D-3DRNb6_pr2GQbFGkR-2FLGRz43xibWflXXI-2B9wwtJP5qjdIWH780xcmpr-2FiVp9BgUBq-2BdAIrPXgj8fL2MceKQh3CCuCfHAOX28pyV1oUPUCXy84-2FTWh4Xmw1-2FrgXhmdton1LYcWTlrL5-2F-2BOmUQw8TDpQfNEUToFz0z9TCGQ-2BN-2BjomJQS9lXYG1t2nPCwjNocqQZLGW-2B7QWYRd8NOKYyytkk2Sd8W2UY6AZM8PbMrUeqBDCqWBC556DdlzAA-2FB3c3OxG9kl67IqoTYkVmSBkZtRLbQBE-2FX1aytwF1U69r7L-2BfVTXZj8mtz-2FD9HwXPAOU05EtLsphm39KFLl8gcFTCdAkYZQaHB-2B2-2BQuxwY5UCBFoOlftn1boyaXpeFlOBkTHCIONT5OdoGKEqGqeKFUZkHTH46sAuVbWMQ1rdhZ57ORbT5oIbuGiGOS6HsZqik2MADVENt10-2BApA2eKwebKfxfmcNe2hEA-2FkYlpRv8l6-2Fppnqe8VzuIKA-3D HTTP 302
https://www.fight2021.com/02324059-ca91-4f1b-9b7e-8ef573d13db1?sub1=xxx1&sub2=xxx2&AD=AD1 HTTP 302
https://cosco-survey.com/tgt1/02-4/?cep=QU7rfguoog-arS2I789ij-70JCUmRgrbK3pOq1ZB7WG9gdPrmfq8f_riEU1md0DmSIkBSpge_pKcsdnQA6SNu_gu-sRz73oPTeEe_g0rEjmlhBqCqfHNqWnfasER-ivJXAER14lLpsHbXeI-ua6jUsqiil53l8icM99dxISdPzuvfeNmnRGrb9ccMtrfbvs5PuvVJp1n05TvGLGD6ruACFGe4oLOCm864n1UT1WmV1GzVS6xHnlReEZ70Wjo4RE1yxWs-NLyFUYMOgODY8Xeb-T8ZkKELhZmLo9j4d01VxD2mzhZeoTBZ9fvyuxMmSrd-EcHWu000H59irtBKd3T9Vds3ZdyXUAPmF--DtIFIg4Te34xjwHBHYQAIaweQgqzW3exfop6OxGJK0lq6QGaw8z66lbeXN8d8cIjDIdvKTzrlHA-sQbpfhb59nUE13Y8naarBOyLCitgZ2TL9V1yg4jTcRGIAEHRk4S0pVr-Ox-VRhThOq1HxZgLnO1HlBvGEUlwxdLeyILGr3YSCBTWCh4CWOZfG5cM9dm7mrxKZOCW5NAAyb3jCFEenJDccQyniOQaDiG6K-OpWkzDcUhn3_BQXJ2oWEWaoyvi9XTkDGsYkJyDRJT9MUo9esszuycLKeCLH7CTZx_6t0ExJc3anGwSTqGSRyCNLt-Qy6zvdrxWy8FtNrD3tbqPSKtvJzEHF_r0fber2urF-gKUofTprV2liZX6jnSE3dhsQCW_4d3nb47_g26-EyFMp3OkYLHR9z7AS08swLB7kqStUSdeYmWsTny41AqxVwHshNVIcA-XQgf9Ol26ahrxUBT5RwrEfL-5JaL894rYmr-ff3LdukSis9kbHnvF4P3mVQ_X5dt5fr8KIey7LNi3ZewrMrIv_3ga-H-yLSYV4TJhMsDdsDfCkwZleZUa4qqvqPEKsdf0Z6tY4fhvT-ZR-6hL41qGKf0gfBZbxHLf4ox-7YM0EbnMPXf9Or3FAQ2EbUsfid1fenex4h1HKWZx5UEPj24W28M31jF1NjuRLBKCNuTcm4j5DpTqpuuxQIQYoUDgoUlpGg8LNK6YH_FILjcGwCdFu1nbPvTbvVHkyQLe8nWjbuO_7d2dFMxDraBEZnfcz3vEmKrly6feCNt34QrM84CZzIVGSpH8pEVXdnYXBpmMvXqrPpsHDArtmoCz3byEHfMU2hfs7V4lkOxEGOncw3qUgQRXB36KMAjQzB6mRnehXGf5njxd4bs5LMW9tPpQ9uXnbOrizrZwj4F6FAIq-OyFqaWpneUSxm_l933iMup0ngWH4OMpaisOnGiDSBVwxUYTByKSDdxW8tcyD4WsPo31EVX4W7GqFvrujNiMjVHVw5XbQJB4ZzrWxGrHKWoAKCXUlPgiNStC2W23w0b80tWckf_IFu_6GKz7CayuGclm7LGOOdxA07xXR2pgaNKoGQbSD2MbllsJN0BTW2632-hrjF_q5bDmdRo3FQmZ8Ega4Zoi2qLpvTYF4JsDTFuytJYiA9ewEdSJ-Am3OZXOyGL0wKtfFmzkTCOBlZ0qrmYbmw&lptoken=167d5141087426ce385f&sub1=xxx1&sub2=xxx2&AD=AD1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cosco-survey.com/tgt1/02-4/
Redirect Chain

http://email.robly.com/ls/click?upn=LiqnAEfKmcyre9ryB6mhfMRqq7J-2BLJPwUdosLZygcWFT3Yv7VOxVeCnlcSAjn4n8qckj79BcfVrFRMzFUwJViqb73t5l3WE1xfJBfIj8Flx-2Fijb-2FIJ550xoHf7xQ7g-2Bxq6Fm-2FJ16zXLdau8XhhjDyQ-...
https://www.fight2021.com/02324059-ca91-4f1b-9b7e-8ef573d13db1?sub1=xxx1&sub2=xxx2&AD=AD1
https://cosco-survey.com/tgt1/02-4/?cep=QU7rfguoog-arS2I789ij-70JCUmRgrbK3pOq1ZB7WG9gdPrmfq8f_riEU1md0DmSIkBSpge_pKcsdnQA6SNu_gu-sRz73oPTeEe_g0rEjmlhBqCqfHNqWnfasER-ivJXAER14lLpsHbXeI-ua6jUsqiil53l...

79 KB
17 KB

520ms
328ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

			Domain/Path	Expires	Name / Value
			.www.fight2021.com/	1970-01-20 02:39:27	Name: 02324059-ca91-4f1b-9b7e-8ef573d13db1-v4 Value: i5G_e8PK0rW33EbY7dnA0Wb_9teYxlTuzUu3lnAn6n8
			.www.fight2021.com/	1970-01-20 02:39:27	Name: cep-v4 Value: QYUhga3IbmNnCg_7yssQCIvpHuk1_ZyPBNrExPlioMX3HdsXoyqhexSGJP6hgqcEKW9yQ0OIPFyWQCOgeXeLHnOi89eO0hw-HWuHxiOSYYleyl74NXFDuZOry2Wbxm64gwWrdsKmLZp4qlumPSML18Bl5A7v_9Umq2h3SyPU3a7UnevbU3YhXEGgSC56b1h8oOcKtHRNkN1eEH8zQXzPkwNFZXr_YaVC2t18AGEOAzTK0L5UjOUdGnWAhFUPoeXI_HMEa1MkviTxMrkwWuQHfqJMhNeQxrAZBA6VXtsvTxucIMrU5w2V6jU-dTR3KtI-hJL-YEobjW_dMkrwCwbpgbVBNL8XaY2yFAU5lXjGBCUz2wkkumECWcl2NYJjl3vMIRUblQCRYsQCq0SyYF_Nhaz-eh-Djlk5rccnfjH4ngdPgMjVtIEC7vAhnvNLqJOcehUadehCsbDaPuq27t7h6uRfJRlzmaTMGorQCRISbsDoc9suCsuLIY_KZ1j20aJPn2QI4hWGOsoAT81pk70UFWM7S3vB8hxL8xhssqrfjsWXWJBYXIbLbiHAx2w_4CVlgS-biYHUseDGfXZIm9-4smJxm67_CUr182U14MgUfEoees4_AIkagPHSP7lhKieIoUmnYRkVdzBJGEr7-g1pgI8Y4muG0FgdhqDO2PJbhdhQfKlunU-37NIKD6KFQYFiCwA_b71z1vBjkzhRXXKdlnicXB3YgLKg3p_Foe4dRoYWWH1SYXRGcBm0eKs5PWLt_ZcL1qncBHw9NLYBd7ElW-C4goX5CFOSBv2KxCBVFDNXkgER2ax9qQDRByPRg582PTDWSGZlm-idOFe2fWZ4Z6yCwcdCIwbhonbb7UBi3C3_PHXeiZZU4oesnnuIChEUcHs7rIM2AwKP4we8av9jEOrcHdDBqGyYALiUg6ukEGMmkYSFALhA9T1gZrFyU2Ye83pcIQh_LZis6zz7LP9RioLWES3GR5PPF_yEWPb_Yt4AcIBpVeYo6WkixihiNR8U2VkM0LK4bkmUD_NGfhvOLdndIUwoG5lKMU1cHf3gWdiC6LuAdUf2LoMlpNR9YXEKq7Z_qFjlcm4I1j9-IcIWLdsBDayQz4sNXyF1qNEOLYJyBPiPek5W16YfMmHd3nsmvqqEfntDY0NYqWX-d62ql1tpFYb1sFzmPblLoW87lCwzAFQU8bxZADjF3e4HMEk3UOrC0pFh0b2E4bkqAlVnw6hth-MEKVm3QwS_pOopmSOFwelGTwdFJrhwntcRpj7KlkYMHmFVdEs7V6zfUy59MWyW9zFPeqff4up1PW4bYUp5pMn6TBTE_EuahYY389tPq-3KebVjtrZ5-yuV7Uf1y_YN13TcoqEj4kx66EVcrf2g5ltWrr6oujZVJ0tDetm4Rv6AKWAJLNvTuKAsAgLneaT3a1QB3W_hmnUPy3U8YyJPswvi078R9HsVn577301NG5Y6cSG_Cq7N3upFUISF_4G9m7onECrHGyy6n7a5TNjMjdhaXyb1Wleoob8KzLh7RXnw2iQa9A-AhwiWgJuauQ

Source	Level	URL Text
network	error	URL: https://js.sigrce.one/M7NY Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.ra342.com/img/bg/122.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://js.sigrce.one/M7NY Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/61796d155d12fc0011fa47ac(Line 1539) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://api.pushnami.com') does not match the recipient window's origin ('https://cosco-survey.com').
security	error	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/61796d155d12fc0011fa47ac(Line 1539) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://api.pushnami.com') does not match the recipient window's origin ('https://cosco-survey.com').
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

cosco-survey.com Open in urlscan Pro 2a06:98c1:3121::7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

56 %IPv6

9 Domains

10 Subdomains

8 IPs

2 Countries

644 kBTransfer

963 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cosco-survey.com Open in urlscan Pro
2a06:98c1:3121::7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

644 kB
Transfer

963 kB
Size

2
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!