qnbfins.com Open in urlscan Pro
2606:4700:3030::6815:3d54 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qnbfins.com/en/index
Effective URL:
https://qnbfins.com/en/index
Submission: On January 25 via api (January 25th 2023, 2:21:02 pm UTC) from QA — Scanned from DE

Summary HTTP 26 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3030::6815:3d54, located in United States and belongs to CLOUDFLARENET, US. The main domain is qnbfins.com.
TLS certificate: Issued by E1 on January 8th 2023. Valid for: 3 months.

This is the only time qnbfins.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Finansbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:cfb3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:303... 2606:4700:3030::6815:3d54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	1

1 2606:4700:3032::ac43:cfb3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qnbfins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3030::6815:3d54 (United States)

ASN13335 (CLOUDFLARENET, US)

qnbfins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	qnbfins.com 1 redirects qnbfins.com	1 MB
26	1

	Domain	Requested by
27	qnbfins.com	1 redirects qnbfins.com
26	1

This site contains links to these domains. Also see Links.

Domain
internetsubesi.qnbfins.com
www.qnbalahli.com
www.bcd.ly
www.qnb.com
ecobank.com
www.qnb.com.tn
qnb.co.id
www.cbiuae.com
www.mansourbank.com
www.hbtf.com
app.adjust.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.qnbfins.com E1	`2023-01-08` - `2023-04-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qnbfins.com/en/index
Frame ID: 75D2CEAE43606C9CF84C3080485A945A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QNB Finansbank Bankacılık ve Finans Hizmetleri

Page URL History Show full URLs

http://qnbfins.com/en/index HTTP 301
https://qnbfins.com/en/index Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Page Statistics

26
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1153 kB
Transfer

2191 kB
Size

0
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://internetsubesi.qnbfins.com/Login/LoginPage?lang=EN
Title: Internet Banking

Search URL Search Domain Scan URL

URL: https://internetsubesi.qnbfins.com/Login/LoginPage?FromDK=true
Title: Digital Bridge

Search URL Search Domain Scan URL

URL: https://www.qnbalahli.com/sites/qnb/qnbegypt/page/en/en-home
Title: Egypt**

Search URL Search Domain Scan URL

URL: http://www.bcd.ly/
Title: Libya*

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbmauritania/page/en/en-home
Title: Mauritania

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbsouthsudan/page/en/en-home
Title: South Sudan (Juba)

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbsudan/page/en/en-home
Title: Sudan

Search URL Search Domain Scan URL

URL: http://ecobank.com/group/
Title: Togo(Ecobank)**

Search URL Search Domain Scan URL

URL: https://www.qnb.com.tn/en/
Title: Tunisia**

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbchina/page/en/en-home
Title: China**

Search URL Search Domain Scan URL

URL: http://qnb.co.id/
Title: Indonesia**

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbindia/page/en/en-home
Title: India

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbmyanmar/page/en/en-home
Title: Myanmar*

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbsingapore/page/en/en-home
Title: Singapore

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbvietnam/page/en/en-home
Title: Vietnam*

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbfrance/page/en/en-home
Title: France

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbswitzerland/page/en/en-home
Title: Switzerland

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbunitedkingdom/page/en/en-home
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.qnb.com/cs/Satellite/QNBQatar/en_QA/enHome
Title: Qatar

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbksa/page/en/en-home
Title: KSA

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbkuwait/page/en/en-home
Title: Kuwait

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnboman/page/en/en-home
Title: Oman

Search URL Search Domain Scan URL

URL: http://www.cbiuae.com/
Title: UAE (CBI)**

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbiran/page/en/en-home
Title: Iran*

Search URL Search Domain Scan URL

URL: http://www.mansourbank.com/
Title: Iraq (Mansour Bank)**

Search URL Search Domain Scan URL

URL: https://www.hbtf.com/en/pages/default
Title: Jordan (HBTF Bank)**

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnblebanon/page/en/en-home
Title: Lebanon

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbsyria/page/ar/ar-home
Title: Syria

Search URL Search Domain Scan URL

URL: https://www.qnb.com/sites/qnb/qnbyemen/page/ar/ar-home
Title: Yemen

Search URL Search Domain Scan URL

URL: https://app.adjust.com/28nr4k3_83adz83?fallback=http://www.qnbfins.com.tr/cp&ref=adjust
Title: Download Mobile App

Search URL Search Domain Scan URL

URL: https://www.facebook.com/qnbfinansbank
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/qnbfinansbank
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/qnbfinansbank
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/qnbfinansbank/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/qnb-finansbank/
Title: Linkedin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qnbfins.com/en/index HTTP 301
https://qnbfins.com/en/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index Show response qnbfins.com/en/ Redirect Chain http://qnbfins.com/en/index https://qnbfins.com/en/index	53 KB 9 KB	105ms 81ms	Document text/html	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/en/index Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `b8072d9a39ae48be03959d8b97374e12ce25be1496880ffa1bbf9c0ab9f04f0b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 78f1a70b9bc69220-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 25 Jan 2023 14:20:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P70R3NrnlVvsfKGt31TwzQJgwPh8Be6n1vlwJ2uaQszz8v%2BVj5tmXYsxLjoDJNBbLJbHay8NE31Biw49LaO921kFZyG15IJLwRMOTLKkJRPSXgT4Jj5WSPJuvmTsQAZKWJnfmRrrrwVP9Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33 x-turbo-charged-by LiteSpeed Redirect headers CF-Cache-Status DYNAMIC CF-RAY 78f1a70acf995b92-FRA Connection keep-alive Content-Type text/html Date Wed, 25 Jan 2023 14:20:57 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FKSVP5HFwjw2N7Ed6q%2BAA0ihwJGuhppFY3HoH7VOO0OPgpfdns1QcR1f8qyH2XRQpvjHp6B5kOUgQ0s7CY71C9TF53P%2F6NIVTYaXOqHTbgSPWJmDdBZU6sKNz73G%2FF7jbvFHhju3uCsUg%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 location https://qnbfins.com/en/index x-turbo-charged-by LiteSpeed
GET H2	200	355865_1_0.woff2 qnbfins.com/_assets/fonts/	55 KB 56 KB	18ms 16ms	Font font/woff2	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/_assets/fonts/355865_1_0.woff2 Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1f79b77c59f93188451b759871002e414f6cf062e388b99ce2d2394a064a6a52` Request headers Referer https://qnbfins.com/en/index Origin https://qnbfins.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7207 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 56802 last-modified Wed, 08 Aug 2018 16:52:08 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2fFAQqBfSgsyRL49Ct4zL8NT%2FzJPrHelMGy%2F2Spo4u5inhNyedK8ho3BDt32Ohgv4PyyyQeBFhdZLJtyAnGYrdcdfE6SM%2FiRIlldMCupAvJktJ4iYOSYN%2Fn79RU8o2xUG9J8dcvTU%2F1NA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70c4cd69220-FRA expires Wed, 01 Feb 2023 12:20:50 GMT
GET H2	200	355865_2_0.woff2 qnbfins.com/_assets/fonts/	55 KB 56 KB	26ms 25ms	Font font/woff2	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/_assets/fonts/355865_2_0.woff2 Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9acde326cc0a3c8ee7b2a05a31b4635eb1507b4919c6d9ebc506f38c6f20f37` Request headers Referer https://qnbfins.com/en/index Origin https://qnbfins.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7207 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 56517 last-modified Wed, 08 Aug 2018 16:52:08 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEQc63bS1tD7sDumAxMPJYwBXFaZTELaLfGpQP0Z6F4EHNvNqpwjNjrES71%2FAmLK181pLE%2FwgAfmoBEMallKStMLJLlzZ2dWieD4FRzwx%2FYjCWy5N6FjX1%2FNrt%2Ff64MbVnBmqZfMj8kMcQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70c4cd99220-FRA expires Wed, 01 Feb 2023 12:20:50 GMT
GET H2	200	magiclick.core.min7d9d.css qnbfins.com/	204 KB 34 KB	26ms 25ms	Stylesheet text/css	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/magiclick.core.min7d9d.css?v=CGVbMfPF8OvrF6AjVTGmwHyBjxyTBpk68fiIBz5TZ1Y1 Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `49047429760049f71d97555d6a046d3316131060ca490ad3d7ef51c82efe439d` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT content-encoding br cf-cache-status HIT last-modified Sun, 15 Nov 2020 10:42:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7207 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGJMb5EWvtL5C0%2FztpZ30DAx301sjQz2Ou%2B8RhSgBL1%2FiUTWE99W2uaCzQXn7UHdiFqDy0iqVKdCcaLd0jw9c04qhs%2BlkwTilBN2m1YsOY14Gys7qobjuUd7a75V8zG0nnOEIVikVRmhtw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 78f1a70c4cda9220-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 01 Feb 2023 12:20:50 GMT
GET H2	200	magiclick.min2aad.css qnbfins.com/	324 KB 41 KB	32ms 32ms	Stylesheet text/css	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6679292714add382a6713839b07a6d5362401b5a2c4fc54df1f3d8b424a5d227` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT content-encoding br cf-cache-status HIT last-modified Sun, 15 Nov 2020 10:58:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7207 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZPp9HgCcf6qERcFhwhgP7mYKFfpOM2o3dJSiHqNwz0ZxjL8X2LEDU0ywAVqGS%2Bf13mKdOYdna5gVXhyz%2BpJn51Cvnt%2Fdy1FOd27fSS2lfQuNqRucdaPTOO8W9Sx1u3KJF2rAiZw59Xcvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 78f1a70c4cdd9220-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 01 Feb 2023 12:20:50 GMT
GET H3	200	notify-icon.png qnbfins.com/_assets/img/	662 B 1 KB	92ms 89ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/notify-icon.png Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12b24628c516a6d519a99141c00623455c4cb1df4a1f20cae8a28371143bd772` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Wed, 08 Aug 2018 16:52:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hcy1BSTJjpp7n5i7qtCQqyhkofahmxAdPdMTi%2FwWXClm0MhhCIUuQYkbaxXdolRV3B54fayiAecbHQYW65rKXmB9UqzwjxDBeB5UfBkVIBjrud8YmwFfHvyvga1OOi7PFWj2u%2BKpl5E4iQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdb969188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 662 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	logo.png qnbfins.com/_assets/img/	8 KB 8 KB	93ms 89ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/logo.png Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2c01fcf4c587cd936cbb0d4349b9fc88dd585023f7059ccc8264a4f10622cf7d` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Wed, 08 Aug 2018 16:52:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDvZRQAMjW6A0DUuPy9lYNdOjIsrctft54V%2BiP8J4VgDw7TIvSPp6wZ5hWqCOlABUrF5j9%2BRtAPtmoUpor5k%2FQwpP2Pk5cVAQa2SRB2%2FHwboMQWVhrnw8SvIhkemQTVZ7Q3Xu5mdWVC0LQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdb999188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7954 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	qnb-first-en.png qnbfins.com/_assets/img/	66 KB 66 KB	130ms 126ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/qnb-first-en.png Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `764260de1f63e63e1ca6a1c4cc0849985fc75dfb1393776fda9fecf514ad7916` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Wed, 15 Jan 2020 14:42:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8jEkG2OQbKje3%2FM%2BVOmZaS%2FnDlFZLTLqMmFRu5GrtXIMfAzeMgveZ%2FLQpY6LeHG9mwLL2WPpOi%2BUHv4YAazdLuAia495jjy2yPgDzF7%2FyvlRR3umWp0ayr7Y79Cnwx8Mm1if5%2FuMx%2BCQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdb9a9188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 67479 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	qnb-ar-en.png qnbfins.com/_assets/img/	57 KB 58 KB	156ms 153ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/qnb-ar-en.png Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bd7373bf622701e84594c5d816c15d27473ac2f9e01421a7c74921870536d3d6` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Mon, 03 Feb 2020 17:28:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPQRBkE8pB8Yifcmw0CDd6m6ydjlqFQCzLA6elfNp6scDIASdYAl2dFGXMbhu0DU6zUtaTCQkPprdcRx%2BbJ5%2FB1WWTHzg1HPa3au58fP9nyo6cGZ1COShAomB8eIXiizSJUYGvjggZsFmg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdb9e9188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 58849 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	qnb-724-en.png qnbfins.com/_assets/img/	187 KB 188 KB	158ms 155ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/qnb-724-en.png Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5ef0f4edaca62af880b59afd709162491cad859b9b39d707624808d25a182849` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Wed, 15 Jan 2020 14:42:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Om1IAHAZ9xRalTofnJO536Sa70VoK7DH4Du2nO2iloaP7YPcDBdlZOvWRxqGbwr79yUeZQw8LEre8jpARWxlJKPlg2zlYKJn7NdeC3Tq0oDe6K11%2F6ieaNDKeo47suZT160xlSYWfLSG5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdb9f9188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 191509 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	qnb-cashloans-en.png qnbfins.com/_assets/img/	172 KB 173 KB	132ms 130ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/qnb-cashloans-en.png Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `be195649067631c77b0afcc223840ab3959f54e6a634ae4a39dfdfcc2d355cd1` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Wed, 15 Jan 2020 14:42:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSP1Yt7V0pS9XQGoNlPSCejTt%2BzWrpRC59bHoDUHVzDrAyNSNqVxOJk7E4UJCIkHy7KdsrczgKDIV%2F4hKeE8HKw1EvSm%2FYh0%2FhMMgfVPDcT5AxUIFI7gCMDmL4QWpH%2B14GOZTltqRevLeA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdba39188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 176222 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	gorsel2-d7cf3cb7-0d01-45de-8265-d5b9127c4e6f.png_%3bname%3ding%20kurumsal qnbfins.com/medium/	123 KB 124 KB	84ms 82ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/medium/gorsel2-d7cf3cb7-0d01-45de-8265-d5b9127c4e6f.png_%3bname%3ding%20kurumsal Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c303aaae539b4e146fa9bedaa63ed30b06b74c53df3ced2edff4ef666753c65` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} last-modified Thu, 12 Nov 2020 22:00:00 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ke3GysO3eAw%2BkNe2Utp5H1lRC%2BXEoiOfOjVsmLyYSH%2FlhRLrREsGg2JEWmYx0%2FqFMJ%2F8j%2FTRm1we8z5GwciKccQeEOJJVl9ZrrttmyEahcu0VWspZtzC0nQdVD6ZPI02QkeFUZs7HIeuZQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdba49188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 126131
GET H3	200	transparent.png qnbfins.com/_assets/img/	95 B 621 B	78ms 77ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/transparent.png Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Mon, 10 Dec 2018 16:31:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aZT3pGl1TWyQOgcCXN4xKcVh%2F9dPAnoVo778uN6UfaQV0w5dubB1lAUtoFm9HhM%2Bnko%2F6nTcGBwTNwNLy%2FDKojvZAyUEkJhuyfGEXh47Xgpv5h%2F8H68iLmbKKjqFMnSabIOcwdCBlSK%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cdba69188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 95 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	magiclick.core.minbdbd.js Show response qnbfins.com/	677 KB 206 KB	169ms 169ms	Script application/javascript	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/magiclick.core.minbdbd.js?v=1o07vJq2xSXdy3pOGb78H_Xprt8AC82V5pdXORlDbmk1 Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0a88dfccd371b667dba8ad94444cd4c5768d580b105735ce3fe6d2477b9fcf6f` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT content-encoding br cf-cache-status MISS last-modified Sun, 15 Nov 2020 10:58:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HbAPmMXu%2BooqjZMvAshkuMXYlbv%2B3jWbz%2F0AyHC57VI1Klp6LcG277xQRHpAV3psGPZH%2FZbnhNPYzNxcbFtngx2OQccxv8jwutKTxIpyCmGYeQ%2FTTUPChbL0V2t7OPgyoBlTiz22dYRpg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 78f1a70c9b109188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	magiclick.en.minb4f1.js Show response qnbfins.com/	95 KB 26 KB	93ms 92ms	Script application/javascript	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/magiclick.en.minb4f1.js?v=lRy5pUsBRxRyFn95-GR9XKZ2pvhpVnsS1gPMMVeFC5s1 Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a7a8b35280b6af64a53aefa5e5f0fcc3736c56172d1d28b43ccee531e81623a` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT content-encoding br cf-cache-status MISS last-modified Wed, 25 Jan 2023 10:39:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe%2FW6kfHSt0jIU7dXgIOs6Mx%2Fib9zkzKiE0zchP5nRsN92Z8ypd9ZSB4zPncrmYp3HORbAwT3yPdMgrYMcWSVjWp7r7jgmS5BekMcIzGaIwWEBlQOG7mLEinVJNu0XiXqKUffdbdNJTDmg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 78f1a70cab139188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	loanpayment.min.js Show response qnbfins.com/	12 KB 4 KB	83ms 82ms	Script application/javascript	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/loanpayment.min.js Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e33add073b4f58f3fed31b745d6c4d23857c0bd80ee04046d7adb68949cdb871` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT content-encoding br cf-cache-status MISS last-modified Wed, 25 Jan 2023 10:31:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wH%2F%2FPmgEBCZb2jhkiPN07uYntWc4%2FfSYDoWv4pvVhWOcUETFIzKaNoBDhuJW8HZAcPBTHJWF3CcCTsDH47DrelHfP%2B2Oza5FoeKYY0pDdOCbF4jd9W3YsRJGMR7%2BB7zcHPwQGF0SDrJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 78f1a70ccb859188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	print.css qnbfins.com/_assets/css/	6 KB 3 KB	93ms 92ms	Stylesheet text/css	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/_assets/css/print.css Requested by Host: qnbfins.com URL: https://qnbfins.com/en/index Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3c3955916e9fbe2929186cc939b9231ede8500be0a5cf45c5efda89e6e0f428c` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Aug 2018 16:52:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0kDpw6JBWmSApEsK9SeSWUiL%2Bg890mlEbexrTePWA2vOd%2BJNTtVuVW2NVnsBWThRJGTpWeaUHAxy4vcrvY%2F7Yk8kb5Fx2AbWQCIA9FwhBindI679bvGmSqaUHhg%2F4aRCe4ocEz5JWYDCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 78f1a70cdba89188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	header_belt.png qnbfins.com/_assets/img/	27 KB 27 KB	97ms 96ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/header_belt.png Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `39657d8581b3a98c67209ca13a94571529589ffbe9988d11d2357406f3ff801f` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Wed, 08 Aug 2018 16:52:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuP4o5ClU8VFgF6BZtevXmab8bybRcGyfpNekKRGTV7X7G2tTM%2FKKg9T%2B3ghd39j5BHUpA%2F44sp9bJBDuYlB94pN5%2Bl0rZJ8pPQ4o2y2P%2Fse3bUnCI8fn76v5l%2FamEvZ2OPnPxcT9IqLrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cebdf9188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27617 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	dotted-border.png qnbfins.com/_assets/img/	103 B 627 B	81ms 80ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/dotted-border.png Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52154d8dd73368f63acf94c71e9604c9acef54ee297dcfa28eb927aa8dc96705` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Wed, 08 Aug 2018 16:52:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iGdcZ08I%2B5QzzWw%2B75GE%2Fif2bvt%2FQVnGuYp2ZSqFvNhBtbyl767bpQ6Lvxybq24fwp4QoAfove%2FeDYb2WAGckoIATMt8X7yTX2vs2gXvl9aAv9Vh4m6sn%2FoVk7gwef2qqfXGkghgquYoQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cebe29188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 103 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	5-1-en.png qnbfins.com/_assets/img/	41 KB 42 KB	151ms 151ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/5-1-en.png Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e1d94035b1e4852ae3a0889323e643a114127b5c9829d69cff86b2d95eb5b22b` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Thu, 08 Nov 2018 19:06:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JC5t%2B%2FSTyk5ImqcAM8o97qoJfyxhzCw1Rah6D1L6TA9YvMEVNK6FoFlf%2Fxh9tEqMdSM0YaqPb%2Fw4FEhuRYx9vO3dkmYdoP4PEWhJbIAA4u5DJp9kwKkQ9IJ9LcVd%2FUEbFDI4p3UOw%2FA87w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cfbe89188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 42186 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	5-2-en.png qnbfins.com/_assets/img/	18 KB 18 KB	100ms 100ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/5-2-en.png Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `26ad2d01d0fb0fde0fb637fe930da758e75a83515adc009af8684b3c5edab0c5` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/magiclick.min2aad.css?v=wHb5NBG5-10W6awibgPNlwchV9JF0sfd1_1NLPnHu3E1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Thu, 08 Nov 2018 19:06:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNZz1V7VNIvkyKcgMH0RBG0rYCji73QlXj9fRkMhXQRjb8OemR2s7o14KJFZN666FH74I3lQ8STAv894jgRt2GqfI6lIGu7grAR1ZjpHjwEBHK6TX5t7MMI0%2B5eSM59zBNdg62WH7VH91w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cfbeb9188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18380 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	icomoonf0c4.woff2 qnbfins.com/_assets/css/plugins/fonts/	10 KB 10 KB	82ms 82ms	Font font/woff2	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/_assets/css/plugins/fonts/icomoonf0c4.woff2?wg7531 Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.core.min7d9d.css?v=CGVbMfPF8OvrF6AjVTGmwHyBjxyTBpk68fiIBz5TZ1Y1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9c0ab3f9fbc4e00692193ed590463b6ee191247b901e445dcbd396f2d2f5b95` Request headers Referer https://qnbfins.com/magiclick.core.min7d9d.css?v=CGVbMfPF8OvrF6AjVTGmwHyBjxyTBpk68fiIBz5TZ1Y1 Origin https://qnbfins.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:57 GMT cf-cache-status MISS last-modified Thu, 26 Mar 2020 11:10:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZwIdva%2Brn20cMHO5gMJEUtviWTr%2FmYSI2o2W1bP0m06E%2B8Nbq3NJ4JYAwIYWTOjRt7YeMptZ0d7PMf0DYR2vva%2FLtS4XJakLJCbZBnVmJZ9KiCDNr4fPw%2B%2BGpYJmdc6Bh6wCYH%2FYecAWg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70cfbef9188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9948 expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	transparent.png qnbfins.com/_assets/img/	95 B 617 B	23ms 23ms	Image image/png	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/_assets/img/transparent.png Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.core.minbdbd.js?v=1o07vJq2xSXdy3pOGb78H_Xprt8AC82V5pdXORlDbmk1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 95 last-modified Mon, 10 Dec 2018 16:31:46 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKXQKoNv%2FckK2Dc9vx7d5rW1a7i0wIuJ1AG3Urw%2Ft9GVX9nvos2mFEblbfCsy8lX0QYhclJ2CPQYXidMeTIF5rZq0VCYDy4n0%2Bb81LU2r8cJcpBuu364YelOpeosw01qRlzqWA0jjPNYjQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 78f1a70eb8429188-FRA expires Wed, 01 Feb 2023 14:20:57 GMT
GET H3	200	Banner-SecondImage-333-webp.vsf qnbfins.com/medium/	0 473 B	73ms 73ms	Image text/html	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qnbfins.com/medium/Banner-SecondImage-333-webp.vsf Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://qnbfins.com/en/index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FTfOuQYm32Wfup5p8PmTgPpKoD8sPG%2FT9JsNFrMxBGZ6u3jAnuww6jIpAZciDMDkXi%2FJs6eY0tC61ztNGglTFU3Rh9yx6EvMW3KJI2ebUUYQfafjzHOv5HmroW4qVtS687JI10ILAd4qA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 78f1a70ec8699188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	notifications Show response qnbfins.com/api/	0 476 B	67ms 67ms	XHR text/html	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/api/notifications Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.core.minbdbd.js?v=1o07vJq2xSXdy3pOGb78H_Xprt8AC82V5pdXORlDbmk1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / X-Bone-Language EN Referer https://qnbfins.com/en/index X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvV5GwEPQmktV2RU1BODNgpJte%2B%2BZWx%2BZbPguQiNqJ3LT4Pb73JLkbAZdaG%2BhDK4YPMfQwJH3eF166A5C5mlgTVOo2igKlEL0vRR0wrTS2rppnYZpOoqyECnJ2B4CWEhKjFsmebUvzS2dQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 78f1a70ee8a29188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	GetBistEndexDataResponse Show response qnbfins.com/api/LoanCalculators/	0 473 B	86ms 85ms	XHR text/html	2606:4700:3030::6815:3d54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qnbfins.com/api/LoanCalculators/GetBistEndexDataResponse Requested by Host: qnbfins.com URL: https://qnbfins.com/magiclick.core.minbdbd.js?v=1o07vJq2xSXdy3pOGb78H_Xprt8AC82V5pdXORlDbmk1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3d54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / X-Bone-Language EN Referer https://qnbfins.com/en/index X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 25 Jan 2023 14:20:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRhdbWifx9dYFHmLuOVA2aqIHccFwdNwo7XaNjaY02S2iMiYccvxh1bJfVu%2F69DxBveR6L07hL0Msj%2FCgpLYgmB0YrANC9y99nK2JnF%2BEM3WjNmFahQokMahMmfeChLz7Sz5nKfNfQcVbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 78f1a70f08f59188-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Finansbank (Banking)

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qnbfins.com
2606:4700:3030::6815:3d54
2606:4700:3032::ac43:cfb3
0a88dfccd371b667dba8ad94444cd4c5768d580b105735ce3fe6d2477b9fcf6f
12b24628c516a6d519a99141c00623455c4cb1df4a1f20cae8a28371143bd772
1f79b77c59f93188451b759871002e414f6cf062e388b99ce2d2394a064a6a52
26ad2d01d0fb0fde0fb637fe930da758e75a83515adc009af8684b3c5edab0c5
2c01fcf4c587cd936cbb0d4349b9fc88dd585023f7059ccc8264a4f10622cf7d
39657d8581b3a98c67209ca13a94571529589ffbe9988d11d2357406f3ff801f
3a7a8b35280b6af64a53aefa5e5f0fcc3736c56172d1d28b43ccee531e81623a
3c3955916e9fbe2929186cc939b9231ede8500be0a5cf45c5efda89e6e0f428c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
49047429760049f71d97555d6a046d3316131060ca490ad3d7ef51c82efe439d
4c303aaae539b4e146fa9bedaa63ed30b06b74c53df3ced2edff4ef666753c65
52154d8dd73368f63acf94c71e9604c9acef54ee297dcfa28eb927aa8dc96705
5ef0f4edaca62af880b59afd709162491cad859b9b39d707624808d25a182849
6679292714add382a6713839b07a6d5362401b5a2c4fc54df1f3d8b424a5d227
764260de1f63e63e1ca6a1c4cc0849985fc75dfb1393776fda9fecf514ad7916
b8072d9a39ae48be03959d8b97374e12ce25be1496880ffa1bbf9c0ab9f04f0b
bd7373bf622701e84594c5d816c15d27473ac2f9e01421a7c74921870536d3d6
be195649067631c77b0afcc223840ab3959f54e6a634ae4a39dfdfcc2d355cd1
e1d94035b1e4852ae3a0889323e643a114127b5c9829d69cff86b2d95eb5b22b
e33add073b4f58f3fed31b745d6c4d23857c0bd80ee04046d7adb68949cdb871
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c0ab3f9fbc4e00692193ed590463b6ee191247b901e445dcbd396f2d2f5b95
f9acde326cc0a3c8ee7b2a05a31b4635eb1507b4919c6d9ebc506f38c6f20f37

qnbfins.com Open in urlscan Pro 2606:4700:3030::6815:3d54 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1153 kBTransfer

2191 kBSize

0 Cookies

35 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

93 JavaScript Global Variables

qnbfins.com Open in urlscan Pro
2606:4700:3030::6815:3d54 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1153 kB
Transfer

2191 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!