quartersnet.world
Open in
urlscan Pro
2606:4700:3037::6815:a69
Public Scan
Effective URL: https://quartersnet.world/?s1=350708&s2=1164392509&s3=6681&s4=GIZA&ow=&s10=3595
Submission Tags: @phish_report
Submission: On April 04 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by GTS CA 1P5 on April 1st 2024. Valid for: 3 months.
This is the only time quartersnet.world was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 59.120.118.168 59.120.118.168 | 3462 (HINET Dat...) (HINET Data Communication Business Group) | |
1 | 31.24.251.133 31.24.251.133 | 57271 (BITWEB-AS) (BITWEB-AS) | |
1 | 2606:4700:303... 2606:4700:3037::6815:a69 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 172.67.131.90 172.67.131.90 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 3 |
ASN3462 (HINET Data Communication Business Group, TW)
PTR: 59-120-118-168.hinet-ip.hinet.net
ppt.cc |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
quartersnet.world
quartersnet.world |
4 KB |
1 |
risingdress.com
risingdress.com |
439 B |
1 |
ppt.cc
1 redirects
ppt.cc — Cisco Umbrella Rank: 942997 |
308 B |
4 | 3 |
Domain | Requested by | |
---|---|---|
3 | quartersnet.world |
risingdress.com
quartersnet.world |
1 | risingdress.com | |
1 | ppt.cc | 1 redirects |
4 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
risingdress.com R3 |
2024-03-19 - 2024-06-17 |
3 months | crt.sh |
quartersnet.world GTS CA 1P5 |
2024-04-01 - 2024-06-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://quartersnet.world/?s1=350708&s2=1164392509&s3=6681&s4=GIZA&ow=&s10=3595
Frame ID: 725077C6D5F9B5C2B96388C93C9C5B26
Requests: 4 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://ppt.cc/fREFFx
HTTP 302
https://risingdress.com/0/0/0/43f4bf017820869abc9235d446f11cbf/dhm/netflix Page URL
- https://quartersnet.world/?s1=350708&s2=1164392509&s3=6681&s4=GIZA&ow=&s10=3595 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ppt.cc/fREFFx
HTTP 302
https://risingdress.com/0/0/0/43f4bf017820869abc9235d446f11cbf/dhm/netflix Page URL
- https://quartersnet.world/?s1=350708&s2=1164392509&s3=6681&s4=GIZA&ow=&s10=3595 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://ppt.cc/fREFFx HTTP 302
- https://risingdress.com/0/0/0/43f4bf017820869abc9235d446f11cbf/dhm/netflix
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
netflix
risingdress.com/0/0/0/43f4bf017820869abc9235d446f11cbf/dhm/ Redirect Chain
|
142 B 439 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
quartersnet.world/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
175a323961ff48acfdbe81a0949c7faf
quartersnet.world/ |
16 B 538 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
quartersnet.world/ |
15 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| _0x4eba function| _0x3ccf3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ppt.cc/ | Name: PHPSESSID Value: h5rdb7c022uev6v668kp087gu4 |
|
risingdress.com/ | Name: uid6681 Value: 1164392509-20240404071813-30dd1794afd0e3d7cb87b0d3f67cd963-3653 |
|
quartersnet.world/ | Name: PHPSESSID Value: 340e09b8744d8859e14f2d4cb98f8c76 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ppt.cc
quartersnet.world
risingdress.com
172.67.131.90
2606:4700:3037::6815:a69
31.24.251.133
59.120.118.168
703063f5cfebf76bd6190dd87052d6664d3a0fcf474d837d89f6b7fae7a8f3b5
89e4dfaaca84f09a76429cea8f0ff6b476b93d4988247399e381a7bfa114f20b
e654ab96e769fb79ed89c0dea034af09ee67401d432872e3060e615bd22724f7