covid19statsph.foxpush.net
Open in
urlscan Pro
192.124.249.118
Public Scan
Submission Tags: phishing malicious Search All
Submission: On May 01 via api from US
Summary
This is the only time covid19statsph.foxpush.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 192.124.249.118 192.124.249.118 | 30148 (SUCURI-SEC) (SUCURI-SEC) | |
2 | 2606:4700:303... 2606:4700:3037::681b:919b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2 |
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10118.sucuri.net
covid19statsph.foxpush.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
foxpush.net
covid19statsph.foxpush.net cdn.foxpush.net |
27 KB |
3 | 1 |
Domain | Requested by | |
---|---|---|
2 | cdn.foxpush.net |
covid19statsph.foxpush.net
|
1 | covid19statsph.foxpush.net | |
3 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
foxpush.net CloudFlare Inc ECC CA-2 |
2019-12-04 - 2020-10-09 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://covid19statsph.foxpush.net/
Frame ID: F745BBF9742576B747FAF788ADA140DB
Requests: 3 HTTP requests in this frame
Screenshot
Detected technologies
Handlebars (JavaScript Frameworks) ExpandDetected patterns
- html /<[^>]*type=[^>]text\/x-handlebars-template/i
- script /handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
covid19statsph.foxpush.net/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
handlebars.min.js
cdn.foxpush.net/publishers/assets/ |
69 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foxpush.js
cdn.foxpush.net/publishers/assets/ |
20 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| Handlebars object| bowser object| foxpush_localstorage_config object| foxpush_config object| welcome_object object| Cookie function| foxpush_guid string| foxpush_uuid string| browser_id function| urlBase64ToUint8Array undefined| permission undefined| user_location undefined| worker_url undefined| foxtemplate undefined| template undefined| html function| removeElementsByClass function| remove_renderd_html function| getTimezoneName function| getSubscriptionId function| getParameterByName function| user_subscribe function| user_updatesubscribe function| update_opener boolean| foxpush_popup_allowed2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.foxpush.net/ | Name: foxpush_browserid Value: 8ad143b7-4853-ab1d-a45c-04e6a2110523 |
|
.foxpush.net/ | Name: __cfduid Value: d54c1cb04c6a0f5fe92a7b84787b1ac091588348734 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.foxpush.net
covid19statsph.foxpush.net
192.124.249.118
2606:4700:3037::681b:919b
17bed451a4636cdc610fe4a174c82d4be52a2c4af8149594211d05da4b89f650
b4d53c37653257c3811b65b0d9f37f39bd4e9f8069a24d83527599ca67953ea7
bb7a0b5dac3f912b95946c21bafff4df5c7655ce8c8c8e8f831e0e02efd6347d