email-qnbfinansbank.com Open in urlscan Pro
2606:4700:3034::ac43:a585  Malicious Activity! Public Scan

37 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://email-qnbfinansbank.com/ Page URL
2. https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response email-qnbfinansbank.com/	118 B 816 B	709ms 516ms	Document text/html	2606:4700:3032::6815:31b4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://email-qnbfinansbank.com/ Protocol HTTP/1.1 Server 2606:4700:3032::6815:31b4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99958a1d9e2e1d2e06732f355b811d8a1ee458192b8ff62c2457f8eb4779d2b7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 8245df564b5491c9-SIN Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 11 Nov 2023 10:32:38 GMT Last-Modified Sat, 11 Nov 2023 01:42:20 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPSiyHiyS12ThSBvmi%2FegcUhO94Cn8Yoe9nJ9lKOL8iu4TFkpm821pI339eRu15mSRHJrHMc9mCE7PxOOk2aQ9rHm%2BqXOayBQbXBVD3ttZorKj6b8BM1RQ32g5W9ofEw3TK1msdljgQGUYncktLGwi4%2BFOCV6w%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H2	200	Primary Request promosyon.php Show response email-qnbfinansbank.com/promosyon/Calisan-Promosyon/	81 KB 15 KB	128ms 79ms	Document text/html	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74bdb29a6fb64589d561596016955d2cd273ba79ab5543aafa1550b8a499157b Request headers Referer http://email-qnbfinansbank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8245df597b532c65-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 11 Nov 2023 10:32:38 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jodlqevbjaY7Sycyx4BAkEYHILndOipiv4AEVjhNYsFTATG6huyEKQ7vRBM7E82tv1o6GioB%2FiWAcCBv1qQBWekYEfnhSOPiVDgJBrVoSa9NBdpMxzbhoC4syTU3s7QhSd5jlQ9IYaAbfWBAXrSytyeO2xYkaw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	QNB-23220-Emekli-Kampanya-1650x774_03-a8f3c451-a5db-4c1f-ac53-6b0e4fae1fe6.jpg_%3bname%3dss email-qnbfinansbank.com/promosyon/Calisan-Promosyon/medium/	124 KB 125 KB	55ms 46ms	Image image/jpeg	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/medium/QNB-23220-Emekli-Kampanya-1650x774_03-a8f3c451-a5db-4c1f-ac53-6b0e4fae1fe6.jpg_%3bname%3dss Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5207c12cfe9039c247aab5e7e5f5b8299fa2be0dc0211edb49fed55c18a0c11 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT cf-cache-status DYNAMIC last-modified Thu, 09 Nov 2023 21:00:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1f16c-609be7ca6b400" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DB0mlGcDPZo7tVKbrLL1FiAdZiGcBChqdkzBzzhSuMIVcyrR%2Bl2yBeDcbSfWogGUwXfpivabEYnGHreDjzFAoiyvhzs3ZTMMJzZeIb38LQcCzzsQqtQrp4MoQpoWDENVry1clmSA7s8TtMl68gQzVBU7wLIzAQ%3D%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 8245df5a1c192c65-FRA alt-svc h3=":443"; ma=86400 content-length 127340
GET H2	200	355865_1_0.woff2 email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/fonts/	55 KB 56 KB	114ms 107ms	Font application/octet-stream	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/fonts/355865_1_0.woff2 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f79b77c59f93188451b759871002e414f6cf062e388b99ce2d2394a064a6a52 Request headers Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Origin https://email-qnbfinansbank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT cf-cache-status MISS last-modified Wed, 08 Aug 2018 15:52:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "dde2-572ee7e29ba00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=az38KXHvIwkTQUynLK%2BwL01ExLcQY%2BlCJK6ixVhFs%2FNBNiPcBKOUyRKKx5Om10XcBB8BwNtevfiDjnUU1hKA5qwMWVOPYBS7ZeAulRz5U4I094AlVekBvPmZ6xwtulutsISA%2B4cmJix61pXoeXok%2BX6pdu35dA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5a1c152c65-FRA alt-svc h3=":443"; ma=86400 content-length 56802
GET H2	200	355865_2_0.woff2 email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/fonts/	55 KB 56 KB	128ms 122ms	Font application/octet-stream	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/fonts/355865_2_0.woff2 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9acde326cc0a3c8ee7b2a05a31b4635eb1507b4919c6d9ebc506f38c6f20f37 Request headers Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Origin https://email-qnbfinansbank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT cf-cache-status MISS last-modified Wed, 08 Aug 2018 15:52:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "dcc5-572ee7e29ba00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijCyEP4EOdhXnM33MQB7IVYT5O8n4TWmzHHQMjglLiLDWVi4mQ32XTm3ijuE2WbF7QnRQUCVYmQ%2BleS1%2FxNeKUvpUznPVYgm86aMURnEYMiUpOi8mkV6vlM7lRWoqh7uMbUU3i4UvBHPxflgBcQay7DJdpRDLQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5a1c162c65-FRA alt-svc h3=":443"; ma=86400 content-length 56517
GET H2	200	icomoonf0c4.woff2 email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/css/plugins/fonts/	11 KB 11 KB	82ms 77ms	Font application/octet-stream	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/css/plugins/fonts/icomoonf0c4.woff2?wg7531 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bae381bdcdae2e6df04e106d366fb6ddd65fe8ed88bbac1a4f5055a2ff174fe9 Request headers Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Origin https://email-qnbfinansbank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT cf-cache-status MISS last-modified Mon, 11 Sep 2023 10:07:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2b10-605127ef80e80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFz%2FpfafCOSGfvN6fxkWq%2FENuE5XMkoCt%2B%2FDb7FxMGYaRiFOP4VQz4AMHAJV5uEsQqM1eluuZyOzdjDXMIDde4cDGIxqP5jmS5rxmfTQwgbHgl3gUHZuiT3q8ylhINRWGiKxMQHPIc9GeFsivBsyEgKnrJnDkA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5a1c182c65-FRA alt-svc h3=":443"; ma=86400 content-length 11024
GET H2	200	magiclick.core.min3c0d.css email-qnbfinansbank.com/promosyon/Calisan-Promosyon/	204 KB 34 KB	160ms 154ms	Stylesheet text/css	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.core.min3c0d.css?v=_OTv0CI0dZ_p18f6skKAEkWhD03h0NUrFsttK1q2IMM1 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2df4c82b7804a0ec5bc90b1243e37e6b0d6b78609cc75f06e6290c66dd84413a Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT content-encoding br cf-cache-status MISS last-modified Fri, 10 Nov 2023 10:58:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"32fb1-609ca34137c80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seC3V2LClTFefqShaCcCrrTsVmqOce2sUvFiYgwiWBfoxmvn%2FWoWTFXIGm%2BQgRPZHv13L5IMF5KIj7Ihi1Zh%2F67k2DVB9Zgp8f3O6yOp%2FhAYnEMBUWJzesjqEmhZvEVQMp7jmFTBUn%2F7RcGW0XL331wUmPoJhg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8245df5a1c112c65-FRA alt-svc h3=":443"; ma=86400
GET H2	200	magiclick.min774b.css email-qnbfinansbank.com/promosyon/Calisan-Promosyon/	442 KB 54 KB	205ms 201ms	Stylesheet text/css	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.min774b.css?v=lp7gAaLo_6YF4VUNfKO6yBenV9nwLQ4_pUa-eYMHSc41 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a34f7b2940d3ae39d3fd68c9de88397b68f1dffbca52bb451701ce64a34303f6 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT content-encoding br cf-cache-status MISS last-modified Fri, 10 Nov 2023 10:58:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6e6a3-609ca34137c80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOBklRfs27bFqoPbViXPsJp4r08he4nUxJsRAxY7UMcE97EXGudNwH7B0vpgUeWuicJcbMPNkUZJ9GMHjKI4Lv5cj%2BOUYdQjkUsJFGcQchTXLcRwIgym7C65oUTC5%2BAkCEuxM4fNKMQ3TPWtMClK8pGiufhzZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8245df5a1c1a2c65-FRA alt-svc h3=":443"; ma=86400
GET H2	200	qnbfinansbank.com.prod.js Show response email-qnbfinansbank.com/promosyon/bundles.efilli.com/	172 KB 49 KB	180ms 176ms	Script application/javascript	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/bundles.efilli.com/qnbfinansbank.com.prod.js Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 835eef9674b09c5045002fd5c191afa8226d026f9f8b3cd6206e51c85f8cbc47 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Nov 2023 09:16:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2b1df-609a08b7e6e00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSMzNu4kvfSpJkA4e81LGkjeHmFbDTMz45KikVWu5viiFI2Ok9yOf8SN0it8WL8tipssrGdmoYWTMlSM0st5fQ4V1njcKI9QOOxJYozGFp1Re6oFfzuHDg43vAxy3hSQteiYKzQH3hvcxV8tGqaTsHrwexmVjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8245df5a1c1b2c65-FRA alt-svc h3=":443"; ma=86400
GET H2	200	notify-icon.png email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/	662 B 1004 B	95ms 92ms	Image image/png	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/notify-icon.png Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12b24628c516a6d519a99141c00623455c4cb1df4a1f20cae8a28371143bd772 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT cf-cache-status MISS last-modified Thu, 03 Nov 2022 09:07:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "296-5ec8d494ed400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAhkQe9ZGVo1nkDCvVxPdXvNHgwOZaOYOmGvcLQsa1qKTRueGt10gdw%2BegX%2FixnNfraDFCrhrAKvG4VauA2LM6Xj1B5ul9zG99IVWSxhDsoHjhn6Uo3n64PZYjanJEbA0nMGANuU4T9Niuhr9roNu1Xe4pQLHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5a1c1d2c65-FRA alt-svc h3=":443"; ma=86400 content-length 662
GET H2	200	logo.png email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/	8 KB 8 KB	98ms 95ms	Image image/png	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/logo.png Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c01fcf4c587cd936cbb0d4349b9fc88dd585023f7059ccc8264a4f10622cf7d Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:38 GMT cf-cache-status MISS last-modified Thu, 03 Nov 2022 09:07:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1f12-5ec8d494ed400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IN8X3VxRmfmUP%2BvqxgAsusa3gv3n1q%2FV0dPp3%2BXfAWRTRhUTToVUsdeuSpPMD%2FZeb6dFZsvoXt3H7qDyOQVwR5nSY%2F0Vu0e%2Fq5GdByxXjGmo1d%2B54ZsHDxYw3pPw2axF%2BC0rk7eCNVqUYiVBHDcsx0IbRbKTQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5a1c1e2c65-FRA alt-svc h3=":443"; ma=86400 content-length 7954
GET H3	200	Captchafa98.jpg email-qnbfinansbank.com/promosyon/Calisan-Promosyon/	3 KB 3 KB	1860ms 1858ms	Image image/jpeg	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/Captchafa98.jpg?type=c Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52564527f82abe8d02d34431b8747c87cba41bc0be51deafe1007b192e3fa9a6 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:40 GMT cf-cache-status MISS last-modified Fri, 10 Nov 2023 19:24:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b12-609d143687d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKBczDQshjZgiLs%2BeIc4t8eMHtGRUyTN%2BEP3mJXEL%2FMzpU4eZddO%2BdgvOOWcvBU9DKinIsPNWHvUtNlL6o%2FE7wZSirYSoXEcWFhnXGnPVNqfC4UKoL4qFihv7jr6AsbGgncodMLK6lxew%2B7279wy8I89IKZAfw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5abf3a9112-FRA alt-svc h3=":443"; ma=86400 content-length 2834
GET H3	200	climate-neutral-label.png email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/	9 KB 9 KB	850ms 848ms	Image image/png	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/climate-neutral-label.png Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47712b64365e397651a125a24ef5d817452f09ad9f67f15c42f8c3f85dd6ffb4 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:39 GMT cf-cache-status MISS last-modified Wed, 02 Aug 2023 12:03:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "23e1-601ef72607700" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o12cuPZzipy8ONEiHywnJzs6VVLzeMFNyZuew4hs5RGSRkg57z%2FFxnAYpzTGyhNlAZd4p4YhO94I33hsiolDijVySiM%2FqaD1UU%2FcDAEJB2AkJV2e4A2mXCKOEC8VRFsWbD3l%2FaZAV63eNxSBZ%2FD2x%2BadmUThKw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5abf3b9112-FRA alt-svc h3=":443"; ma=86400 content-length 9185
GET H3	200	gtm5445.html Show response email-qnbfinansbank.com/promosyon/www.googletagmanager.com/	2 KB 1 KB	2739ms 2738ms	Script text/html	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/www.googletagmanager.com/gtm5445.html?id=GTM-MFJ2VK Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8f2ded5d74c0ee5f427a20b6715e65bc79ed5c4fc67fb00d89005515c8efe63 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:41 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 10 Nov 2023 19:24:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25EdQzhvnW0uYdHx32xKbfuJ%2BDn039uXyv%2FsAm0tZ64ZxMWUXrntIQKet4be4SSBgosTe5t%2FdQ%2FfBlK6x1grdY6ET5mfdVIX1moAIy636C%2BqlGy5I%2B2DRwZrCfQ9QsSmVW2kUK0AjhMUptSbFKGBdKlySxeVjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 8245df5b8ff89112-FRA alt-svc h3=":443"; ma=86400
GET H3	200	print.css email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/css/	6 KB 3 KB	3528ms 3528ms	Stylesheet text/css	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/css/print.css Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c3955916e9fbe2929186cc939b9231ede8500be0a5cf45c5efda89e6e0f428c Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:42 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Aug 2018 15:52:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"17ce-572ee7e0b3580-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGi3NUqpFwGA7aoG2MRbiD5IYPTWVo5QhWJ%2BMGviFNM4s2Zjvy%2FLYYXPytz56psiCzWqxIfoNUDSBONrDm4R5ZM5nlSaTNTN2NY60XAfeSUmB1tRKKk2zyram3IiUFh8wgqIbi%2FZt7jSf8YULwe6LgQJTZbVvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8245df5b8ffa9112-FRA alt-svc h3=":443"; ma=86400
GET H3	200	magiclick.core.min1e64.js Show response email-qnbfinansbank.com/promosyon/Calisan-Promosyon/	704 KB 216 KB	2836ms 2835ms	Script application/javascript	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.core.min1e64.js?v=DK3aHgvtKrVFUQ5FzX8uYUaHxuhxkWjaMXexmUPjfEQ1 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a277ce219584e78e2c2756874ef1b239e51ee0bfc555e02c6d2bd50ea1da7880 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:41 GMT content-encoding br cf-cache-status MISS last-modified Fri, 10 Nov 2023 10:58:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"afebf-609ca3422bec0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bek75TUi2fS4LjH7FMUnEMDJjzsFzX5nTN56yNpHqSkDf9wgVd4kzq%2BWqXrOyEygxB7wdv%2FrDUZujqSrf9CQIq92w1dTgwJfgzpQa6PXjB0%2B2d8dvkTqFhYohhohDauhPmBZWGYj1pRcOGBrk%2FZvv3tYFFA%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8245df5b8ff39112-FRA alt-svc h3=":443"; ma=86400
GET H3	200	magiclick.tr.min35a7.js Show response email-qnbfinansbank.com/promosyon/Calisan-Promosyon/	104 KB 29 KB	1754ms 1753ms	Script application/javascript	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.tr.min35a7.js?v=iY1NoK45ng1onUaRf_b_yfhRyAp1Po7O1krXxCrVHtg1 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5b669c1fdff76f4fc2bb71d7e0700f4f62ae16d253ae591c7b6d32db0ca8fc5 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 10 Nov 2023 10:58:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1a172-609ca3422bec0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjmX7ChO2NIiQoXLhEhRa%2BGdKCGsTD02br6t87rVxIJ1RUvwO6kGIpb8Hma2J5jUjRuR2N40%2FXVAGhDA63H34VeYFbzF6g32lI7q23OlWAwaG3KhtnSLTbEsgioI4Te3iG1p82Ve0QHFsMggfxsA7fJNxv2E0w%3D%3D"}],"group":"cf-nel","max_age":604800} content-language tr content-type application/javascript cache-control max-age=14400 cf-ray 8245df5b8ff59112-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ApplicationFormWithSmsJS.min.js Show response email-qnbfinansbank.com/promosyon/Calisan-Promosyon/	39 KB 7 KB	2742ms 2742ms	Script application/javascript	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/ApplicationFormWithSmsJS.min.js Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adf907ddeb031bfd5134592e8fa3571ac89490bf6ba41a8c55fc64b3f5d575e7 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:41 GMT content-encoding br cf-cache-status MISS last-modified Fri, 10 Nov 2023 10:58:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9abb-609ca3422bec0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjK2OaX5NwiYtUwIFeieLEjghA%2FmnbnwVkp3JrY7Z2yMStOg%2Fb%2FOMs6gA4y4Cqwg6EXubYRYZlSRRdiPvrSrJ7y9Pet3a%2FKXBmCISK%2FUotXp1TdSaGmB3Z0fm1kGguCtsLwwzLBWW4M2%2B2InbWUbdrm88baTdw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8245df5b8ff69112-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Captcha.js Show response email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/js/modules/	407 B 715 B	2737ms 2736ms	Script application/javascript	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/js/modules/Captcha.js Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30855b1efb07ba5232aa55edc728ce9ad040644045bae1ad5549bf02d3a8d068 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:41 GMT content-encoding br cf-cache-status MISS last-modified Wed, 26 Sep 2018 16:04:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"197-576c85fa8fb80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVhpZ0ibV%2FWSFVPQWYSOjSJIOzEE6dGWDs6rPZvcz2ZVwC1%2BfLczAfWI7DCgKo8jKZfz8Yls%2F0Kr7cVFXVGfYGhE6bwlsk%2Fkr4y5XN%2F1xMk7IqtTHIrupvsOf1JWOOXZOfJpbS2XOotx8I1jAAy%2FLCuS7L1%2BgQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8245df5b8ff79112-FRA alt-svc h3=":443"; ma=86400
GET H3	200	header_belt.png email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/	26 KB 26 KB	3765ms 3765ms	Image image/png	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/header_belt.png Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.min774b.css?v=lp7gAaLo_6YF4VUNfKO6yBenV9nwLQ4_pUa-eYMHSc41 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c39a7ea87b66dbefaad89765435427c1082647d25ae2d123594aab4ab77ac637 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.min774b.css?v=lp7gAaLo_6YF4VUNfKO6yBenV9nwLQ4_pUa-eYMHSc41 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:42 GMT cf-cache-status MISS last-modified Tue, 20 Jun 2023 10:46:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6667-5fe8d5dda8880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Fg61fMnYMaEdr3hf9Hz3E2UJap98OI98838VAKbhSsek9r9DWebmJM0bzQIStGRja0H9tMfLZ3zLsWBAxGabchy%2FFjbPU4a7UlDJEgm%2Bhv0pIsjKnknL7PIo4Bw30zFCONW5H2qGtjNHbxguNHR11Dqt1dMpA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5ba80d9112-FRA alt-svc h3=":443"; ma=86400 content-length 26215
GET H3	200	dotted-border.png email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/	103 B 583 B	3739ms 3738ms	Image image/png	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/dotted-border.png Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.min774b.css?v=lp7gAaLo_6YF4VUNfKO6yBenV9nwLQ4_pUa-eYMHSc41 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52154d8dd73368f63acf94c71e9604c9acef54ee297dcfa28eb927aa8dc96705 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.min774b.css?v=lp7gAaLo_6YF4VUNfKO6yBenV9nwLQ4_pUa-eYMHSc41 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:42 GMT cf-cache-status MISS last-modified Thu, 03 Nov 2022 09:07:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "67-5ec8d494ed400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3K80ai8kEl0aEDcE7dxnFo7L2ae%2B1ZOM6gkXD%2Blz2zjOC%2F5%2FiFuq%2B2NEFrrUT78YlfWVJjpc%2F5jQSfA0L43fOsMbQuvivIKRNJR%2F63SUZGOoi8dxiJmIRaKvQ8gSlC5eDlNJyTHKEbxQ%2BIvLqwqEAcBvonUGg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5ba80f9112-FRA alt-svc h3=":443"; ma=86400 content-length 103
GET H3	200	5-2.png email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/	5 KB 5 KB	3747ms 3746ms	Image image/png	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/img/5-2.png Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.min774b.css?v=lp7gAaLo_6YF4VUNfKO6yBenV9nwLQ4_pUa-eYMHSc41 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d4fede774d0faf80204986235b14a75d61d8a1a03c6ffc0e9edb90622776d18 Request headers accept-language de-DE,de;q=0.9 Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.min774b.css?v=lp7gAaLo_6YF4VUNfKO6yBenV9nwLQ4_pUa-eYMHSc41 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:42 GMT cf-cache-status MISS last-modified Thu, 03 Nov 2022 09:07:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "122a-5ec8d494ed400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nj4EzKzUL6jJAjs1oC1Qxs6oaLn1LO31D1tmX%2FZGRHzsLtO2jeCghuwshvfQ2r24HrmYbikjJ8Te3aCHiysvSGjdx0gYD9Vdoh4UST7n0h3%2Bq5j6iLclGa1YCzj%2Ff8L8E4ztYemjO9pd5oWm5Zzaa7PE74AmgQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5ba8129112-FRA alt-svc h3=":443"; ma=86400 content-length 4650
GET H3	200	icomoonf54e.woff2 email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/css/plugins/fonts/	11 KB 11 KB	3746ms 3746ms	Font application/octet-stream	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/css/plugins/fonts/icomoonf54e.woff2?4txu74 Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.core.min3c0d.css?v=_OTv0CI0dZ_p18f6skKAEkWhD03h0NUrFsttK1q2IMM1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bae381bdcdae2e6df04e106d366fb6ddd65fe8ed88bbac1a4f5055a2ff174fe9 Request headers Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.core.min3c0d.css?v=_OTv0CI0dZ_p18f6skKAEkWhD03h0NUrFsttK1q2IMM1 Origin https://email-qnbfinansbank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:42 GMT cf-cache-status MISS last-modified Mon, 11 Sep 2023 10:07:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2b10-605127ef80e80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0xiYJvy2GYCwSDVlqyYKhLZ7%2FPnXrV4LIZMvxxsrdglBLlVpOgR3vkmFPmMcMYGxGpw7Not0%2BealAJK%2FXw%2BuAGWzPCKXl7PHN%2FI1ViPYcaoqS%2BnyuXCn22moD%2Bf6%2FhLbKu4mEvriJ9rCbB6lS4x9%2BgH3UwPLA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 8245df5ba8159112-FRA alt-svc h3=":443"; ma=86400 content-length 11024
GET H3	404	notifications Show response email-qnbfinansbank.com/api/	285 B 649 B	48ms 47ms	XHR text/html	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/api/notifications Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.core.min1e64.js?v=DK3aHgvtKrVFUQ5FzX8uYUaHxuhxkWjaMXexmUPjfEQ1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4ae9d725b801ee7c0087d82609ae7ea0192095ebe5bdc63f971bc05d0c434b7 Request headers Accept */* X-Bone-Language TR Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:32:41 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu2kMkJrtSAQZ%2BFx%2FHTAvAA0Vqxy7SXQqd9g0Zy64x2sEmpuuLff0RFB6JjUk9zQrcN6Q0dpMxnsG9fRYn9hDMl9UQbeMecx7qF3Da03JigN3tnyAlh3Kjvd%2FI4duZox9rgG8rBhIHICoK9LAQ%2FDy5IXlwwBqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8245df6e2f699112-FRA alt-svc h3=":443"; ma=86400
POST H3	404	GetRelatedProducts Show response email-qnbfinansbank.com/api/ETransformation/	285 B 644 B	799ms 799ms	XHR text/html	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/api/ETransformation/GetRelatedProducts Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.core.min1e64.js?v=DK3aHgvtKrVFUQ5FzX8uYUaHxuhxkWjaMXexmUPjfEQ1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4ae9d725b801ee7c0087d82609ae7ea0192095ebe5bdc63f971bc05d0c434b7 Request headers Accept application/json, text/javascript, */*; q=0.01 X-Bone-Language TR Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Sat, 11 Nov 2023 10:32:42 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXFiLuOMDf3ATIuyDe5W793tyqGmOo3bF2fAAQNqHl%2BvrH%2FFAH0i9rY6XYcnsdYSAGck7hh4grUtWyRZpc99Weoh8rMApDfzlAI5nKjeyusumdeJLaP77z50dY6MXeR7SwJs4Cf3C3rmvH8Wa84ezbU4uqEJEA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8245df6e2f6e9112-FRA alt-svc h3=":443"; ma=86400
GET H3	404	GetProfessions Show response email-qnbfinansbank.com/api/eSMM/	285 B 648 B	797ms 797ms	XHR text/html	2606:4700:3034::ac43:a585 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email-qnbfinansbank.com/api/eSMM/GetProfessions Requested by Host: email-qnbfinansbank.com URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/magiclick.core.min1e64.js?v=DK3aHgvtKrVFUQ5FzX8uYUaHxuhxkWjaMXexmUPjfEQ1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a585 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4ae9d725b801ee7c0087d82609ae7ea0192095ebe5bdc63f971bc05d0c434b7 Request headers Accept application/json, text/javascript, */*; q=0.01 X-Bone-Language TR Referer https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Sat, 11 Nov 2023 10:32:42 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66GxLTJUdd7wDzowZOXWx1n7ARGjTUYIYYNg6X36DuWyIWlH56qJBUz2mtAIj9TnAULSwHXGa2sd2KBaoU3XLyXwmBdlqN0iofk7%2BKLBMgFjIykoxNvFAc7NWtkMHXV9oY%2FrgUe2qlVvaBEQjYObI9m9PRystQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8245df6e2f709112-FRA alt-svc h3=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Finansbank (Banking)

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer boolean| efilliPreview string| efilliBundleCompileDate object| efilliSdkConfig object| __VUE_INSTANCE_SETTERS__ object| efilliSdk string| languegeRedirectionUrl object| Browser object| ieBrowser object| touchBrowser undefined| Form object| ajaxForm undefined| dataForm boolean| validForm object| fakewaffle function| QRCode boolean| isMobile boolean| isMobileRecourse object| McUtils function| $ function| jQuery function| _ function| moment function| Waypoint function| Inputmask object| lazySizesConfig object| lazySizes function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| FooTable function| RateYo function| mustLetters function| convertToBool object| langChart object| jsResources object| QNB object| McDataLayer object| site object| Modules object| url string| subpage object| Calculator object| PrivateBankingForm object| $button object| $list object| $item object| $header object| $navigation object| $searchIcon object| $searchContainer object| $searchText object| $searchButton object| $searchcloseButton object| $overlay object| $Network object| $langItem object| $headerNavMain object| $headerNavMainItem object| $headerNavMenuItem object| $headerNavMenuItemLink object| $headerNavMainItemLink object| $headerNavMainSubmenu object| languegeRedirectionLink object| $menuButton object| $mobileMenu object| $mobileMenuItem object| $mobileMenuItemLink object| $cepSubeButton object| $finansSifreButton object| mobileSearchContainer object| mobilQnbNetwork object| $mobileOnlineTransactions object| $accordion object| $content object| $reference_center object| $reference_center2 object| $big_dreams object| $campaigns object| $market_data_notice object| $market_data object| $owlCarousel object| $playpauseButton object| realtyBanner object| opt object| $pagenote object| $pagenotecontent object| $landing object| $landingItem object| $title object| _parent object| _self object| _ths

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			email-qnbfinansbank.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0am8bbj57lgh6pql4j6ei62rb0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://email-qnbfinansbank.com/api/notifications Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://email-qnbfinansbank.com/api/eSMM/GetProfessions Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://email-qnbfinansbank.com/api/ETransformation/GetRelatedProducts Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/promosyon.php Message: The resource https://email-qnbfinansbank.com/promosyon/Calisan-Promosyon/_assets/css/plugins/fonts/icomoonf0c4.woff2?wg7531 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

email-qnbfinansbank.com
2606:4700:3032::6815:31b4
2606:4700:3034::ac43:a585
0d4fede774d0faf80204986235b14a75d61d8a1a03c6ffc0e9edb90622776d18
12b24628c516a6d519a99141c00623455c4cb1df4a1f20cae8a28371143bd772
1f79b77c59f93188451b759871002e414f6cf062e388b99ce2d2394a064a6a52
2c01fcf4c587cd936cbb0d4349b9fc88dd585023f7059ccc8264a4f10622cf7d
2df4c82b7804a0ec5bc90b1243e37e6b0d6b78609cc75f06e6290c66dd84413a
30855b1efb07ba5232aa55edc728ce9ad040644045bae1ad5549bf02d3a8d068
3c3955916e9fbe2929186cc939b9231ede8500be0a5cf45c5efda89e6e0f428c
47712b64365e397651a125a24ef5d817452f09ad9f67f15c42f8c3f85dd6ffb4
52154d8dd73368f63acf94c71e9604c9acef54ee297dcfa28eb927aa8dc96705
52564527f82abe8d02d34431b8747c87cba41bc0be51deafe1007b192e3fa9a6
74bdb29a6fb64589d561596016955d2cd273ba79ab5543aafa1550b8a499157b
835eef9674b09c5045002fd5c191afa8226d026f9f8b3cd6206e51c85f8cbc47
99958a1d9e2e1d2e06732f355b811d8a1ee458192b8ff62c2457f8eb4779d2b7
a277ce219584e78e2c2756874ef1b239e51ee0bfc555e02c6d2bd50ea1da7880
a34f7b2940d3ae39d3fd68c9de88397b68f1dffbca52bb451701ce64a34303f6
a5207c12cfe9039c247aab5e7e5f5b8299fa2be0dc0211edb49fed55c18a0c11
a5b669c1fdff76f4fc2bb71d7e0700f4f62ae16d253ae591c7b6d32db0ca8fc5
adf907ddeb031bfd5134592e8fa3571ac89490bf6ba41a8c55fc64b3f5d575e7
bae381bdcdae2e6df04e106d366fb6ddd65fe8ed88bbac1a4f5055a2ff174fe9
c39a7ea87b66dbefaad89765435427c1082647d25ae2d123594aab4ab77ac637
e4ae9d725b801ee7c0087d82609ae7ea0192095ebe5bdc63f971bc05d0c434b7
e8f2ded5d74c0ee5f427a20b6715e65bc79ed5c4fc67fb00d89005515c8efe63
f9acde326cc0a3c8ee7b2a05a31b4635eb1507b4919c6d9ebc506f38c6f20f37