Submitted URL: http://events-handling-svc.cordial.io/c2/190:657a01be1b8ada474902da1d:ot:6579f31828085be667b0b431:1/2da835ab?jwtH=eyJ0eXAiOiJKV1QiLCJh...
Effective URL: https://quipfield.com/0/0/0/c79eea241b0464ee2222fac872d2d630/14/165-1997/0-0-0
Submission: On December 13 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 172.99.172.17, located in United States and belongs to BAXET-GROUP, US. The main domain is quipfield.com.
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.
This is the only time quipfield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 185.246.85.67 21409 (IKOULA)
1 172.99.172.17 398343 (BAXET-GROUP)
4 3

Apex Domain | Subdomains | Transfer
2 000hitv.lol | lola.000hitv.lol | 1 KB
1 quipfield.com | quipfield.com | 433 B
1 cordial.io | events-handling-svc.cordial.io — Cisco Umbrella Rank: 386121 | 2 KB
0 epoxytrim.com Failed | epoxytrim.com Failed |
4 4

Domain Requested by
2 lola.000hitv.lol lola.000hitv.lol
1 quipfield.com lola.000hitv.lol
1 events-handling-svc.cordial.io 1 redirects
0 epoxytrim.com Failed quipfield.com
4 4

This site contains no links.

Subject | Issuer | Validity | Valid
quipfield.com | R3 | 2023-11-30 - 2024-02-28 | 3 months

This page contains 1 frames:

Frame: https://epoxytrim.com/6023f809f6f598921d25c3ada1085a4d
Frame ID: 2CA5836B522C22416269766408C7A82C
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 25 %
IPv6: 33 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 2 kB
Size: 1 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://events-handling-svc.cordial.io/c2/190:657a01be1b8ada474902da1d:ot:6579f31828085be667b0b431:1/2da835ab?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE3MDI0OTUzOTYsImNkIjoiLmNvcmRpYWwuaW8iLCJjZSI6MjU5MjAwMCwidGsiOiJib3NhbmRib3giLCJtdGxJRCI6IjY1N2EwMmQ1Mjk1MGFlZWFiYjA3MmI0NiIsImxpbmtVcmwiOiJodHRwOlwvXC9sb2xhLjAwMGhpdHYubG9sXC80VGdXakIxOTk3UHlWUlIxNjV5dk1QMGdDZjB0YXpVMFBzeEsxND91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Y29yZGlhbCZ1dG1fY2FtcGFpZ249In0&jwtS=yiJFF6mxyWVikEjA0Wdisrj1j7aK-SRjyxj9_I7_FCE HTTP 302
    http://lola.000hitv.lol/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign= Page URL
  2. http://lola.000hitv.lol/t/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign= Page URL
  3. https://quipfield.com/0/0/0/c79eea241b0464ee2222fac872d2d630/14/165-1997/0-0-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://events-handling-svc.cordial.io/c2/190:657a01be1b8ada474902da1d:ot:6579f31828085be667b0b431:1/2da835ab?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE3MDI0OTUzOTYsImNkIjoiLmNvcmRpYWwuaW8iLCJjZSI6MjU5MjAwMCwidGsiOiJib3NhbmRib3giLCJtdGxJRCI6IjY1N2EwMmQ1Mjk1MGFlZWFiYjA3MmI0NiIsImxpbmtVcmwiOiJodHRwOlwvXC9sb2xhLjAwMGhpdHYubG9sXC80VGdXakIxOTk3UHlWUlIxNjV5dk1QMGdDZjB0YXpVMFBzeEsxND91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Y29yZGlhbCZ1dG1fY2FtcGFpZ249In0&jwtS=yiJFF6mxyWVikEjA0Wdisrj1j7aK-SRjyxj9_I7_FCE HTTP 302
  • http://lola.000hitv.lol/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Request Chain 2
  • https://quitchsnow.ink/?s1=350109&s2=1105395546&s3=1782&s4=3038&ow=&s10=3079 HTTP 302
  • https://epoxytrim.com/6023f809f6f598921d25c3ada1085a4d

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: 4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14
Path: lola.000hitv.lol/
Redirect Chain
  • http://events-handling-svc.cordial.io/c2/190:657a01be1b8ada474902da1d:ot:6579f31828085be667b0b431:1/2da835ab?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE3MDI0OTUzOTYsImNkIjoiLmNvcmRpY...
  • http://lola.000hitv.lol/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Size: 458 B
x-fer: 710 B
Type: Document

General

Full URL: http://lola.000hitv.lol/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Protocol: HTTP/1.1
Server: 185.246.85.67, France, ASN21409 (IKOULA, FR)
Reverse DNS: frhb83719ds.ikexpress.com
Software: /
Resource Hash: 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 458
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Dec 2023 19:48:23 GMT
X-Address: gin_throttle_mw_360000000000_45.141.152.74
X-Ratelimit-Limit: 10
X-Ratelimit-Remaining: 9
X-Ratelimit-Reset: 1702500503

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8350b96eee8130c0-FRA
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Dec 2023 19:48:23 GMT
Location: http://lola.000hitv.lol/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Server: cloudflare
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-ID: b3447d979a9db8b91f4368ecddce42f6
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
x-mcid: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjAsIm0iOiIxOTA6NjU3YTAxYmUxYjhhZGE0NzQ5MDJkYTFkOm90OjY1NzlmMzE4MjgwODViZTY2N2IwYjQzMToxIn0.VI9D5TCR0km00huZCOCCUJ-Mo823E7mlXLU8qn0GiXk
x-message-istest: 0

Resource: 4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14
Path: lola.000hitv.lol/t/
Size: 282 B
x-fer: 534 B
Type: Document

General

Full URL: http://lola.000hitv.lol/t/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Requested by
  Host: lola.000hitv.lol
  URL: http://lola.000hitv.lol/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Protocol: HTTP/1.1
Server: 185.246.85.67, France, ASN21409 (IKOULA, FR)
Reverse DNS: frhb83719ds.ikexpress.com
Software: /
Resource Hash: d2daf6051c1adecc8c54d3abaf77503218c31a5573bc3e522d7b30452e5e09d3

Request headers

Referer: http://lola.000hitv.lol/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 282
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Dec 2023 19:48:24 GMT
X-Address: gin_throttle_mw_360000000000_45.141.152.74
X-Ratelimit-Limit: 10
X-Ratelimit-Remaining: 8
X-Ratelimit-Reset: 1702500503

Primary Request
Resource: 0-0-0
Path: quipfield.com/0/0/0/c79eea241b0464ee2222fac872d2d630/14/165-1997/
Size: 139 B
x-fer: 433 B
Type: Document

General

Full URL: https://quipfield.com/0/0/0/c79eea241b0464ee2222fac872d2d630/14/165-1997/0-0-0
Requested by
  Host: lola.000hitv.lol
  URL: http://lola.000hitv.lol/t/4TgWjB1997PyVRR165yvMP0gCf0tazU0PsxK14?utm_medium=email&utm_source=cordial&utm_campaign=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.99.172.17, United States, ASN398343 (BAXET-GROUP, US)
Reverse DNS:
Software: Apache /
Resource Hash:

Request headers

Referer: http://lola.000hitv.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 139
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 19:48:27 GMT
server: Apache

Resource: 6023f809f6f598921d25c3ada1085a4d
Path: epoxytrim.com/
Redirect Chain
  • https://quitchsnow.ink/?s1=350109&s2=1105395546&s3=1782&s4=3038&ow=&s10=3079
  • https://epoxytrim.com/6023f809f6f598921d25c3ada1085a4d
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
epoxytrim.com
URL
https://epoxytrim.com/6023f809f6f598921d25c3ada1085a4d

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path | Name | Value
quipfield.com/ | uid1782 | 1105395546-20231213144826-51cd74691425c8c2de45052cead6d772-0
quitchsnow.ink/ | PHPSESSID | 6f501d83b8c133dcc8337d24d9d17a67

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
