Submitted URL: http://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Effective URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Submission: On October 14 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 50.6.153.125, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is qtk.nir.mybluehost.me.
TLS certificate: Issued by R11 on September 27th 2024. Valid for: 3 months.
This is the only time qtk.nir.mybluehost.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

    IP Address       AS Autonomous System
10  50.6.153.125     19871 (NETWORK-S...)
1   18.173.205.38    16509 (AMAZON-02)
17  3

    Apex Domain      Subdomains                                                   Transfer
10  mybluehost.me    qtk.nir.mybluehost.me                                        117 KB
1   bnbstatic.com    bin.bnbstatic.com — Cisco Umbrella Rank: 40416 Failed        5 KB
17  2

    Domain                   Requested by
10  qtk.nir.mybluehost.me    qtk.nir.mybluehost.me
1   bin.bnbstatic.com        qtk.nir.mybluehost.me
17  2

This site contains no links.

Subject                             Issuer                 Validity                   Valid
cpcontacts.qtk.nir.mybluehost.me    R11                    2024-09-27 - 2024-12-26    3 months
*.bnbstatic.com                     Amazon RSA 2048 M02    2024-09-25 - 2025-10-23    a year

This page contains 1 frames:

Primary Page: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Frame ID: 598AABD0B900483691DF4501E9D4A49C
Requests: 18 HTTP requests in this frame

Page Title

Log In | Binance

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 17
HTTPS: 65 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 121 kB
Size: 498 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qtk.nir.mybluehost.me/en/bnb/access/account/login.php HTTP 307
    https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
qtk.nir.mybluehost.me/en/bnb/access/account/
Redirect Chain
  • http://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
  • https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
213 KB
51 KB
Document
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
nginx/1.23.4 /
Resource Hash
f479daf97dd5839f4127440fec05b14907f4be0dfbf5e0f0990b91cc98ba0135

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 02:07:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma
no-cache
server
nginx/1.23.4
vary
Accept-Encoding
x-proxy-cache
MISS
x-server-cache
true

Redirect headers

Location
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Non-Authoritative-Reason
HttpsUpgrades
ecb6a3c5.css
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
144 KB
33 KB
Stylesheet
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/ecb6a3c5.css
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
4922dd36b9f4317c17fbf327ba5563251625102411968efcf89ac5f74cce9e81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

content-encoding
gzip
accept-ranges
bytes
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
026216ac.css
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
70 KB
14 KB
Stylesheet
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/026216ac.css
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
424a43f82e89cb5e79aa55624dd6346d7587939199fbcddca5feef4d120ce1d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
14650
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
3e115bad.chunk.css
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
55 KB
11 KB
Stylesheet
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/3e115bad.chunk.css
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
ff16558e62e2eb205f8d4bbc33895bdca6758f472c8e6a040bd18ca29932bff6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
11588
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
12b962ba.chunk.css
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
2 KB
609 B
Stylesheet
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/12b962ba.chunk.css
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
74edf93b895f911350733b2ae373d3af525a1a6b870b7e4bd1dca8ccde183ec1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
569
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
533 B
570 B
Stylesheet
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/style
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
nginx/1.23.4 /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

accept-ranges
bytes
x-server-cache
false
content-length
533
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
server
nginx/1.23.4
qrcode-binance-logo.svg
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
663 B
763 B
Image
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/qrcode-binance-logo.svg
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
bf5ed4c07e97858be58c3bf3536d3023ec48caae732fb82cb8c6a18061b0911f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

accept-ranges
bytes
content-length
663
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
content-type
image/svg+xml
server
Apache
qrcode-login-dark.svg
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
5 KB
5 KB
Image
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/qrcode-login-dark.svg
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
091814aad8b67dcf0d882bbbca0b655c1906b7bba2844e06f5985060e9b57940

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

accept-ranges
bytes
content-length
4702
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
content-type
image/svg+xml
server
Apache
logogoogle.png
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
315 B
315 B
Image
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/logogoogle.png
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

content-length
315
date
Mon, 14 Oct 2024 02:07:21 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
ios.png
qtk.nir.mybluehost.me/en/bnb/access/account/inc/
486 B
525 B
Image
General
Full URL
https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/ios.png
Requested by
Host: qtk.nir.mybluehost.me
URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.153.125 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-153-125.unifiedlayer.com
Software
Apache /
Resource Hash
cb80eabd76e930ffe41e0431a86372fe3d1a412f1e16da14e0761011f66d0f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php

Response headers

accept-ranges
bytes
content-length
486
date
Mon, 14 Oct 2024 02:07:21 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sat, 13 Jul 2024 11:40:42 GMT
content-type
image/png
server
Apache
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2001deeb7d475b4174b0bf4b74f1fcd6a16b6aaf6b0d2ff3fe069d018f272273

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
BinancePlex-Regular.woff2
bin.bnbstatic.com/static/fonts/bp/
0
0

BinancePlex-Regular.otf
bin.bnbstatic.com/static/fonts/bp/
0
0

BinancePlex-Medium.woff2
bin.bnbstatic.com/static/fonts/bp/
0
0

BinancePlex-SemiBold.woff2
bin.bnbstatic.com/static/fonts/bp/
0
0

BinancePlex-Medium.otf
bin.bnbstatic.com/static/fonts/bp/
0
0

BinancePlex-SemiBold.otf
bin.bnbstatic.com/static/fonts/bp/
0
0

favicon.ico
bin.bnbstatic.com/static/images/common/
4 KB
5 KB
Other
General
Full URL
https://bin.bnbstatic.com/static/images/common/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8318ebbcb1cb4729eb0f78bb058dc618c3b63f9f9f0070a1a7a3265fdc79b833

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qtk.nir.mybluehost.me/

Response headers

etag
"43365839589fc348172246e108c1297c"
age
315695
x-amz-version-id
0jTR0giJhKifG_nIx6XWfkUhi4nHVPlS
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Gxg46e0IRg2BNJegC5bad7Rhkx0xlaOQohuGPeA02fp66wvbJZLVqQ==
date
Thu, 10 Oct 2024 10:25:46 GMT
content-type
image/vnd.microsoft.icon
last-modified
Wed, 08 Feb 2023 06:47:23 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 741fa80e957b47e88235a1fa44ab4ea4.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4286
x-amz-cf-pop
FRA56-P12
server
AmazonS3
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain               URL
bin.bnbstatic.com    https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Regular.woff2
bin.bnbstatic.com    https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Regular.otf
bin.bnbstatic.com    https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Medium.woff2
bin.bnbstatic.com    https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-SemiBold.woff2
bin.bnbstatic.com    https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Medium.otf
bin.bnbstatic.com    https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-SemiBold.otf

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
qtk.nir.mybluehost.me/ Name: PHPSESSID
Value: 68352fdd3083dae022afcfd5f3843a03

13 Console Messages

Source Level URL
Text
javascript error URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Message:
Access to font at 'https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Regular.woff2' from origin 'https://qtk.nir.mybluehost.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Message:
Access to font at 'https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Regular.otf' from origin 'https://qtk.nir.mybluehost.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Regular.otf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/inc/logogoogle.png
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Message:
Access to font at 'https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Medium.woff2' from origin 'https://qtk.nir.mybluehost.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Medium.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Message:
Access to font at 'https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-SemiBold.woff2' from origin 'https://qtk.nir.mybluehost.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-SemiBold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Message:
Access to font at 'https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Medium.otf' from origin 'https://qtk.nir.mybluehost.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-Medium.otf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://qtk.nir.mybluehost.me/en/bnb/access/account/login.php
Message:
Access to font at 'https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-SemiBold.otf' from origin 'https://qtk.nir.mybluehost.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bin.bnbstatic.com/static/fonts/bp/BinancePlex-SemiBold.otf
Message:
Failed to load resource: net::ERR_FAILED