qr-system.gps-bank.com Open in urlscan Pro
104.218.120.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qr-system.gps-bank.com/
Effective URL:
https://qr-system.gps-bank.com/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On December 06 via api (December 6th 2024, 6:23:00 am UTC) from IT — Scanned from NL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 104.218.120.135, located in Amsterdam, Netherlands and belongs to 247RACK, US. The main domain is qr-system.gps-bank.com.
TLS certificate: Issued by R11 on December 5th 2024. Valid for: 3 months.

This is the only time qr-system.gps-bank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	104.218.120.135 104.218.120.135		62731 (247RACK) (247RACK)
8	1

8 104.218.120.135 (Amsterdam, Netherlands)

ASN62731 (247RACK, US)

qr-system.gps-bank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qr.api.gps-bank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gps-bank.com qr-system.gps-bank.com qr.api.gps-bank.com	244 KB
8	1

	Domain	Requested by
6	qr-system.gps-bank.com	qr-system.gps-bank.com
2	qr.api.gps-bank.com	qr-system.gps-bank.com
8	2

This site contains no links.

Subject Issuer	Validity	Valid
qr-system.gps-bank.com R11	`2024-12-05` - `2025-03-05`	3 months	crt.sh
qr.api.gps-bank.com R10	`2024-12-05` - `2025-03-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qr-system.gps-bank.com/
Frame ID: DBFA49BA31FC5E2478178BD8C1209DA0
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QR system

Page URL History Show full URLs

http://qr-system.gps-bank.com/ HTTP 307
https://qr-system.gps-bank.com/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

244 kB
Transfer

817 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qr-system.gps-bank.com/ HTTP 307
https://qr-system.gps-bank.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response qr-system.gps-bank.com/ Redirect Chain http://qr-system.gps-bank.com/ https://qr-system.gps-bank.com/	644 B 716 B	90ms 14ms	Document text/html	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Full URL https://qr-system.gps-bank.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash `6026ff2095bb185cfc000ed1fca1063fc5c25529f004939097222556b22815ba` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 379 Content-Type text/html Date Fri, 06 Dec 2024 06:22:55 GMT ETag "284-62612e06eb335-gzip" Keep-Alive timeout=5, max=100 Last-Modified Mon, 04 Nov 2024 09:26:16 GMT Server Apache/2.4.52 (Ubuntu) Vary Accept-Encoding Redirect headers Location https://qr-system.gps-bank.com/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	main.21384907.js Show response qr-system.gps-bank.com/static/js/	742 KB 186 KB	23ms 23ms	Script text/javascript	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Full URL https://qr-system.gps-bank.com/static/js/main.21384907.js Requested by Host: qr-system.gps-bank.com URL: https://qr-system.gps-bank.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash `28da2fa6b6a510a45acc067ecd376a36f0169e0280d0cd08d62c86866e891a1a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qr-system.gps-bank.com/ Response headers Transfer-Encoding chunked Content-Encoding gzip ETag "b9700-62612e06ed275-gzip" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Date Fri, 06 Dec 2024 06:22:55 GMT Last-Modified Mon, 04 Nov 2024 09:26:16 GMT Vary Accept-Encoding Server Apache/2.4.52 (Ubuntu) Content-Type text/javascript
GET H/1.1	200 OK	main.887950e3.css qr-system.gps-bank.com/static/css/	19 KB 5 KB	42ms 15ms	Stylesheet text/css	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Full URL https://qr-system.gps-bank.com/static/css/main.887950e3.css Requested by Host: qr-system.gps-bank.com URL: https://qr-system.gps-bank.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash `545b2fa819ef52ede412d2aa1bc1a9ead5b39a27f01f686a4dc3ba7851952271` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qr-system.gps-bank.com/ Response headers Content-Encoding gzip ETag "4dae-626126fdc4d61-gzip" Connection Keep-Alive Accept-Ranges bytes Content-Length 4709 Keep-Alive timeout=5, max=100 Date Fri, 06 Dec 2024 06:22:55 GMT Last-Modified Mon, 04 Nov 2024 08:54:48 GMT Vary Accept-Encoding Server Apache/2.4.52 (Ubuntu) Content-Type text/css
GET H/1.1	200 OK	GPS-Logo.c93c799cc53a2cce8582372b3fe274a9.svg qr-system.gps-bank.com/static/media/	47 KB 47 KB	15ms 15ms	Image image/svg+xml	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Show image Full URL https://qr-system.gps-bank.com/static/media/GPS-Logo.c93c799cc53a2cce8582372b3fe274a9.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash `c33a896e9f83fe904ca4aab4bb27baa7e55d01722db5cf8fda16bda0c62e0a23` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qr-system.gps-bank.com/ Response headers ETag "bc65-622514707b761" Connection Keep-Alive Accept-Ranges bytes Content-Length 48229 Keep-Alive timeout=5, max=98 Date Fri, 06 Dec 2024 06:22:56 GMT Last-Modified Tue, 17 Sep 2024 14:12:19 GMT Content-Type image/svg+xml Server Apache/2.4.52 (Ubuntu)
OPTIONS H/1.1	200 OK	getoneuser qr.api.gps-bank.com/user/	0 0	142ms 20ms	Preflight application/json	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Full URL https://qr.api.gps-bank.com/user/getoneuser? Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash Request headers Accept / Access-Control-Request-Headers authorization,x-api-key Access-Control-Request-Method GET Origin https://qr-system.gps-bank.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers * Access-Control-Allow-Origin * Cache-Control max-age=3600, public Connection close Content-Type application/json Date Fri, 06 Dec 2024 06:22:56 GMT Server Apache/2.4.52 (Ubuntu)
GET H/1.1	200 OK	getoneuser Show response qr.api.gps-bank.com/user/	59 B 397 B	47ms 20ms	XHR application/json	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Full URL https://qr.api.gps-bank.com/user/getoneuser? Requested by Host: qr-system.gps-bank.com URL: https://qr-system.gps-bank.com/static/js/main.21384907.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash `f2cac87ea6de05ccde607ec3482d649e1b4cc43cb4c63c03450856067ba13ede` Request headers Authorization null Referer https://qr-system.gps-bank.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, / x-api-key PvHX0FeBnsXfvUSTa3ixrfcQdDUIx3b4rI9cHblrZpP76jmAb2AZNkAu87Xi6KmL Response headers Transfer-Encoding chunked Cache-Control max-age=3600, public Connection Keep-Alive Access-Control-Allow-Origin * Keep-Alive timeout=5, max=100 Date Fri, 06 Dec 2024 06:22:56 GMT Content-Type application/json Vary Authorization Server Apache/2.4.52 (Ubuntu) Access-Control-Allow-Headers *
GET H/1.1	200 OK	favicon.ico qr-system.gps-bank.com/	4 KB 4 KB	13ms 13ms	Other image/vnd.microsoft.icon	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Full URL https://qr-system.gps-bank.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash `e56f1f115c195b3ab3789c83ae7e0fbc31459a548f2395b19cd674c751d905f3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qr-system.gps-bank.com/login Response headers ETag "10be-6225146cd8caa" Connection Keep-Alive Accept-Ranges bytes Content-Length 4286 Keep-Alive timeout=5, max=99 Date Fri, 06 Dec 2024 06:22:56 GMT Last-Modified Tue, 17 Sep 2024 14:12:15 GMT Content-Type image/vnd.microsoft.icon Server Apache/2.4.52 (Ubuntu)
GET H/1.1	200 OK	favicon.ico qr-system.gps-bank.com/	4 KB 0	12ms 12ms	Other image/vnd.microsoft.icon	104.218.120.135 247RACK
General Check archive.org Show headers Download Go to Full URL https://qr-system.gps-bank.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.218.120.135 Amsterdam, Netherlands, ASN62731 (247RACK, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash `e56f1f115c195b3ab3789c83ae7e0fbc31459a548f2395b19cd674c751d905f3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qr-system.gps-bank.com/login Response headers Accept-Ranges bytes Content-Length 4286 Date Fri, 06 Dec 2024 06:22:56 GMT ETag "10be-6225146cd8caa" Last-Modified Tue, 17 Sep 2024 14:12:15 GMT Content-Type image/vnd.microsoft.icon Server Apache/2.4.52 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkstudent string| __reactRouterVersion

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://qr-system.gps-bank.com/login Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qr-system.gps-bank.com
qr.api.gps-bank.com
104.218.120.135
28da2fa6b6a510a45acc067ecd376a36f0169e0280d0cd08d62c86866e891a1a
545b2fa819ef52ede412d2aa1bc1a9ead5b39a27f01f686a4dc3ba7851952271
6026ff2095bb185cfc000ed1fca1063fc5c25529f004939097222556b22815ba
c33a896e9f83fe904ca4aab4bb27baa7e55d01722db5cf8fda16bda0c62e0a23
e56f1f115c195b3ab3789c83ae7e0fbc31459a548f2395b19cd674c751d905f3
f2cac87ea6de05ccde607ec3482d649e1b4cc43cb4c63c03450856067ba13ede

qr-system.gps-bank.com Open in urlscan Pro 104.218.120.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

244 kBTransfer

817 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

qr-system.gps-bank.com Open in urlscan Pro
104.218.120.135 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

244 kB
Transfer

817 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions