qnbfins.com
Open in
urlscan Pro
2606:4700:3030::6815:3d54
Malicious Activity!
Public Scan
Effective URL: https://qnbfins.com/en/index
Submission: On January 25 via api from QA — Scanned from DE
Summary
TLS certificate: Issued by E1 on January 8th 2023. Valid for: 3 months.
This is the only time qnbfins.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Finansbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3032::ac43:cfb3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
26 | 2606:4700:303... 2606:4700:3030::6815:3d54 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
26 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
qnbfins.com
1 redirects
qnbfins.com |
1 MB |
26 | 1 |
Domain | Requested by | |
---|---|---|
27 | qnbfins.com |
1 redirects
qnbfins.com
|
26 | 1 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.qnbfins.com E1 |
2023-01-08 - 2023-04-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://qnbfins.com/en/index
Frame ID: 75D2CEAE43606C9CF84C3080485A945A
Requests: 26 HTTP requests in this frame
Screenshot
Page Title
QNB Finansbank Bankacılık ve Finans HizmetleriPage URL History Show full URLs
-
http://qnbfins.com/en/index
HTTP 301
https://qnbfins.com/en/index Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- <input[^>]+name="__VIEWSTATE
Page Statistics
35 Outgoing links
These are links going to different origins than the main page.
Title: Internet Banking
Search URL Search Domain Scan URL
Title: Digital Bridge
Search URL Search Domain Scan URL
Title: Egypt**
Search URL Search Domain Scan URL
Title: Libya*
Search URL Search Domain Scan URL
Title: Mauritania
Search URL Search Domain Scan URL
Title: South Sudan (Juba)
Search URL Search Domain Scan URL
Title: Sudan
Search URL Search Domain Scan URL
Title: Togo(Ecobank)**
Search URL Search Domain Scan URL
Title: Tunisia**
Search URL Search Domain Scan URL
Title: China**
Search URL Search Domain Scan URL
Title: Indonesia**
Search URL Search Domain Scan URL
Title: India
Search URL Search Domain Scan URL
Title: Myanmar*
Search URL Search Domain Scan URL
Title: Singapore
Search URL Search Domain Scan URL
Title: Vietnam*
Search URL Search Domain Scan URL
Title: France
Search URL Search Domain Scan URL
Title: Switzerland
Search URL Search Domain Scan URL
Title: United Kingdom
Search URL Search Domain Scan URL
Title: Qatar
Search URL Search Domain Scan URL
Title: KSA
Search URL Search Domain Scan URL
Title: Kuwait
Search URL Search Domain Scan URL
Title: Oman
Search URL Search Domain Scan URL
Title: UAE (CBI)**
Search URL Search Domain Scan URL
Title: Iran*
Search URL Search Domain Scan URL
Title: Iraq (Mansour Bank)**
Search URL Search Domain Scan URL
Title: Jordan (HBTF Bank)**
Search URL Search Domain Scan URL
Title: Lebanon
Search URL Search Domain Scan URL
Title: Syria
Search URL Search Domain Scan URL
Title: Yemen
Search URL Search Domain Scan URL
Title: Download Mobile App
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Linkedin
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://qnbfins.com/en/index
HTTP 301
https://qnbfins.com/en/index Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index
qnbfins.com/en/ Redirect Chain
|
53 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
355865_1_0.woff2
qnbfins.com/_assets/fonts/ |
55 KB 56 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
355865_2_0.woff2
qnbfins.com/_assets/fonts/ |
55 KB 56 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
magiclick.core.min7d9d.css
qnbfins.com/ |
204 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
magiclick.min2aad.css
qnbfins.com/ |
324 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
notify-icon.png
qnbfins.com/_assets/img/ |
662 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
qnbfins.com/_assets/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qnb-first-en.png
qnbfins.com/_assets/img/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qnb-ar-en.png
qnbfins.com/_assets/img/ |
57 KB 58 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qnb-724-en.png
qnbfins.com/_assets/img/ |
187 KB 188 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qnb-cashloans-en.png
qnbfins.com/_assets/img/ |
172 KB 173 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gorsel2-d7cf3cb7-0d01-45de-8265-d5b9127c4e6f.png_%3bname%3ding%20kurumsal
qnbfins.com/medium/ |
123 KB 124 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
transparent.png
qnbfins.com/_assets/img/ |
95 B 621 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
magiclick.core.minbdbd.js
qnbfins.com/ |
677 KB 206 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
magiclick.en.minb4f1.js
qnbfins.com/ |
95 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loanpayment.min.js
qnbfins.com/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
print.css
qnbfins.com/_assets/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header_belt.png
qnbfins.com/_assets/img/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dotted-border.png
qnbfins.com/_assets/img/ |
103 B 627 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5-1-en.png
qnbfins.com/_assets/img/ |
41 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5-2-en.png
qnbfins.com/_assets/img/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icomoonf0c4.woff2
qnbfins.com/_assets/css/plugins/fonts/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
transparent.png
qnbfins.com/_assets/img/ |
95 B 617 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Banner-SecondImage-333-webp.vsf
qnbfins.com/medium/ |
0 473 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
notifications
qnbfins.com/api/ |
0 476 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GetBistEndexDataResponse
qnbfins.com/api/LoanCalculators/ |
0 473 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Finansbank (Banking)93 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange string| languegeRedirectionUrl object| Browser object| ieBrowser object| touchBrowser undefined| Form object| ajaxForm undefined| dataForm boolean| validForm object| fakewaffle boolean| isMobile boolean| isMobileRecourse object| McUtils function| $ function| jQuery function| _ function| moment function| Waypoint function| Inputmask object| lazySizesConfig object| lazySizes function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| FooTable function| RateYo function| mustLetters object| langChart object| jsResources object| QNB object| McDataLayer object| site object| Modules object| Calculator object| CalculatorLoanPayment object| $button object| $list object| $item object| $header object| $navigation object| $searchIcon object| $searchContainer object| $searchText object| $searchButton object| $searchcloseButton object| $overlay object| $Network object| $langItem object| $headerNavMain object| $headerNavMainItem object| $headerNavMenuItem object| $headerNavMenuItemLink object| $headerNavMainItemLink object| $headerNavMainSubmenu object| languegeRedirectionLink object| $menuButton object| $mobileMenu object| $mobileMenuItem object| $mobileMenuItemLink object| $cepSubeButton object| $finansSifreButton object| mobileSearchContainer object| mobilQnbNetwork object| $accordion object| $content object| $banner object| $cost_button object| $costClose_button object| opt string| currentTabIndex string| storedTabIndex object| el object| $reference_center object| $reference_center2 object| $big_dreams object| $campaigns object| $market_data_notice object| $market_data object| $owlCarousel object| $playpauseButton object| realtyBanner object| $pagenote object| $pagenotecontent object| $landing object| $landingItem object| $title object| _parent object| _self0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
qnbfins.com
2606:4700:3030::6815:3d54
2606:4700:3032::ac43:cfb3
0a88dfccd371b667dba8ad94444cd4c5768d580b105735ce3fe6d2477b9fcf6f
12b24628c516a6d519a99141c00623455c4cb1df4a1f20cae8a28371143bd772
1f79b77c59f93188451b759871002e414f6cf062e388b99ce2d2394a064a6a52
26ad2d01d0fb0fde0fb637fe930da758e75a83515adc009af8684b3c5edab0c5
2c01fcf4c587cd936cbb0d4349b9fc88dd585023f7059ccc8264a4f10622cf7d
39657d8581b3a98c67209ca13a94571529589ffbe9988d11d2357406f3ff801f
3a7a8b35280b6af64a53aefa5e5f0fcc3736c56172d1d28b43ccee531e81623a
3c3955916e9fbe2929186cc939b9231ede8500be0a5cf45c5efda89e6e0f428c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
49047429760049f71d97555d6a046d3316131060ca490ad3d7ef51c82efe439d
4c303aaae539b4e146fa9bedaa63ed30b06b74c53df3ced2edff4ef666753c65
52154d8dd73368f63acf94c71e9604c9acef54ee297dcfa28eb927aa8dc96705
5ef0f4edaca62af880b59afd709162491cad859b9b39d707624808d25a182849
6679292714add382a6713839b07a6d5362401b5a2c4fc54df1f3d8b424a5d227
764260de1f63e63e1ca6a1c4cc0849985fc75dfb1393776fda9fecf514ad7916
b8072d9a39ae48be03959d8b97374e12ce25be1496880ffa1bbf9c0ab9f04f0b
bd7373bf622701e84594c5d816c15d27473ac2f9e01421a7c74921870536d3d6
be195649067631c77b0afcc223840ab3959f54e6a634ae4a39dfdfcc2d355cd1
e1d94035b1e4852ae3a0889323e643a114127b5c9829d69cff86b2d95eb5b22b
e33add073b4f58f3fed31b745d6c4d23857c0bd80ee04046d7adb68949cdb871
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c0ab3f9fbc4e00692193ed590463b6ee191247b901e445dcbd396f2d2f5b95
f9acde326cc0a3c8ee7b2a05a31b4635eb1507b4919c6d9ebc506f38c6f20f37