qnb-card-finans-basvuru-form.tk
192.154.229.2  Malicious Activity! Public Scan

URL: http://qnb-card-finans-basvuru-form.tk/
Submission: On September 05 via manual from TR

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 192.154.229.2, located in Dallas, United States and belongs to TIER-NET, US. The main domain is qnb-card-finans-basvuru-form.tk.
This is the only time qnb-card-finans-basvuru-form.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BDDK (Banking) Turkish Government (Government)

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 192.154.229.2 | 397423 (TIER-NET)
16 | 31.3.2.130 | 21245 (NETSA-AS)
18 | 2 |

Requests | Domain | Requested by
16 | cdn.e-devlet.gov.tr | qnb-card-finans-basvuru-form.tk, cdn.e-devlet.gov.tr
2 | qnb-card-finans-basvuru-form.tk | cdn.e-devlet.gov.tr
18 | 2 |

This site contains links to these domains.

Domain
www.turkiye.gov.tr

Subject | Issuer | Validity | Valid
cdn.e-devlet.gov.tr | GlobalSign RSA OV SSL CA 2018 | 2020-02-28 - 2022-02-28 | 2 years

This page contains 1 frames:

Primary Page: http://qnb-card-finans-basvuru-form.tk/
Frame ID: 19C9BB0B63880C8F5BA9234FE7A8B0D9
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 18
HTTPS: 89 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 368 kB
Size: 1098 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qnb-card-finans-basvuru-form.tk/
12 KB
4 KB
Document
General
Full URL
http://qnb-card-finans-basvuru-form.tk/
Protocol
HTTP/1.1
Server
192.154.229.2 Dallas, United States, ASN397423 (TIER-NET, US),
Reverse DNS
blast1.blastport.com
Software
LiteSpeed /
Resource Hash
613f4348156bc32cef9b143db3e6014a9a074e669337d0c4337cd999435d5fa8

Request headers

Host
qnb-card-finans-basvuru-form.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Sat, 05 Sep 2020 08:25:25 GMT
Server
LiteSpeed
base.css
cdn.e-devlet.gov.tr/themes/izmir/css/
125 KB
20 KB
Stylesheet
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/css/base.css
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
1db6223bb646f1160c892a85bcd282199741212a14bb891454be2d7c4c3004dd

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 11:18:50 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5f10379a-1f5d4"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:25 GMT
header.js
cdn.e-devlet.gov.tr/themes/izmir/js/
10 KB
4 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/header.js
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
557d0b88bde12cc5a38cac1a0932a827aca1d92c42d22bb7e45ef7a241792790

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 11:18:39 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5f10378f-2709"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:25 GMT
giris.css
cdn.e-devlet.gov.tr/themes/izmir/css/
40 KB
7 KB
Stylesheet
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/css/giris.css
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
100532b675757fa833fb986680583229c2f73ff38d7decca961f5662f7857710

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 11:18:43 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5f103793-a195"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:25 GMT
1.png
cdn.e-devlet.gov.tr/themes/istanbul/images/agencies/
2 KB
2 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/istanbul/images/agencies/1.png
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
last-modified
Sun, 10 Dec 2017 13:50:20 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5a2d3b9c-73f"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/png
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:25 GMT
form-progress.svg
cdn.e-devlet.gov.tr/themes/izmir/images/
1 KB
949 B
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/form-progress.svg
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
status
200
last-modified
Mon, 11 Dec 2017 14:11:06 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5a2e91fa-42c"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:25 GMT
common.js
cdn.e-devlet.gov.tr/themes/izmir/js/
700 KB
202 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/common.js
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
7bfbffbf44db326910508175a68acfb070d4384a141448e472fb94c42de02ad1

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 11:18:47 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5f103797-aef24"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:25 GMT
giris.js
cdn.e-devlet.gov.tr/themes/izmir/js/
30 KB
9 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/giris.js
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
5e720dc10a0e26cc6d4fd33cb0bf71a119c3bbc2edaf35797ba51b5616e8bd1f

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 11:17:57 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5f103765-78e9"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:25 GMT
jcryption.js
cdn.e-devlet.gov.tr/themes/istanbul/javascript/
72 KB
19 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/istanbul/javascript/jcryption.js
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
a35a423bb7df717794d8b791af03962cf38106dafbcbff01b5a98bf63e76e4ae

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
last-modified
Sun, 10 Dec 2017 13:50:20 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5a2d3b9c-12046"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:25 GMT
edkkds.svg
cdn.e-devlet.gov.tr/themes/izmir/images/
9 KB
3 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/edkkds.svg
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
status
200
last-modified
Fri, 05 Jan 2018 11:42:29 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5a4f64a5-222a"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:25 GMT
auth-methods.1324.svg
cdn.e-devlet.gov.tr/themes/izmir/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/auth-methods.1324.svg
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/giris.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
27292f1f2138adbd114fa0463bec7cfcb3475c08477f79554da42d858be68d70

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/giris.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:25 GMT
content-encoding
gzip
status
200
last-modified
Fri, 05 Jan 2018 11:42:29 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5a4f64a5-1125"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:25 GMT
opensans-regular-webfont.1324.woff
cdn.e-devlet.gov.tr/themes/izmir/fonts/
18 KB
19 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/opensans-regular-webfont.1324.woff
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
cae23238919c18fd4c10019616ab3ac444bf3794502cdd1d73934ad34b199968

Request headers

Origin
http://qnb-card-finans-basvuru-form.tk
Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:26 GMT
last-modified
Mon, 11 Dec 2017 08:25:33 GMT
server
MNCDN-2149
age
7009
x-edge-location
DE-372
etag
"5a2e40fd-48f0"
x-cache-status
Edge : HIT,
content-type
application/font-woff
status
200
cache-control
max-age=7776000
accept-ranges
bytes
access-control-allow-origin
*
content-length
18672
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:26 GMT
button-right.1324.svg
cdn.e-devlet.gov.tr/themes/izmir/images/
448 B
622 B
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/button-right.1324.svg
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/giris.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
14e8e481e7afcaae3200f172bd49bf7146ea2a23d3fdf0ba71d5fdbbd0c8c5a4

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/giris.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:26 GMT
content-encoding
gzip
status
200
last-modified
Mon, 11 Dec 2017 14:11:06 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5a2e91fa-1c0"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:26 GMT
arrow-left.1324.svg
cdn.e-devlet.gov.tr/themes/izmir/images/
393 B
538 B
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/arrow-left.1324.svg
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/giris.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
945f7d25e8f885da3c77668f74ecacefa894dc535ac048f57a56e2b2fc2560df

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/giris.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:26 GMT
content-encoding
br
status
200
last-modified
Mon, 11 Dec 2017 14:11:06 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5a2e91fa-189"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:26 GMT
opensans-light-webfont.1324.woff
cdn.e-devlet.gov.tr/themes/izmir/fonts/
18 KB
18 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/opensans-light-webfont.1324.woff
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
3aad39d766b468cdada18b6eb1cd786b45605a357e6f830e78e08ae73b9a05b9

Request headers

Origin
http://qnb-card-finans-basvuru-form.tk
Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:26 GMT
last-modified
Mon, 11 Dec 2017 08:25:33 GMT
server
MNCDN-2149
age
8364
x-edge-location
DE-372
etag
"5a2e40fd-4840"
x-cache-status
Edge : HIT,
content-type
application/font-woff
status
200
cache-control
max-age=7776000
accept-ranges
bytes
access-control-allow-origin
*
content-length
18496
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:26 GMT
edk.1324.1324.woff
cdn.e-devlet.gov.tr/themes/izmir/fonts/
40 KB
40 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/edk.1324.1324.woff
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
431d0f3b8d5d45433813eaf992eac0c09e4d949c2acaaa7a6bb3f129c742c427

Request headers

Origin
http://qnb-card-finans-basvuru-form.tk
Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:26 GMT
last-modified
Thu, 16 Jul 2020 11:18:21 GMT
server
MNCDN-2149
age
8349
x-edge-location
DE-372
etag
"5f10377d-9e54"
x-cache-status
Edge : HIT,
content-type
application/font-woff
status
200
cache-control
max-age=7776000
accept-ranges
bytes
access-control-allow-origin
*
content-length
40532
x-mserver
2200
expires
Fri, 04 Dec 2020 08:25:26 GMT
CryptoServlet
qnb-card-finans-basvuru-form.tk/
1 KB
1 KB
XHR
General
Full URL
http://qnb-card-finans-basvuru-form.tk/CryptoServlet?generateKeyPair=true
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/js/common.js
Protocol
HTTP/1.1
Server
192.154.229.2 Dallas, United States, ASN397423 (TIER-NET, US),
Reverse DNS
blast1.blastport.com
Software
LiteSpeed /
Resource Hash
79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://qnb-card-finans-basvuru-form.tk/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 05 Sep 2020 08:25:25 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1237
Content-Type
text/html
bb-ubak-tsat-black.png
cdn.e-devlet.gov.tr/themes/izmir/images/
15 KB
15 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png
Requested by
Host: qnb-card-finans-basvuru-form.tk
URL: http://qnb-card-finans-basvuru-form.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.130 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2149 /
Resource Hash
a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb

Request headers

Referer
http://qnb-card-finans-basvuru-form.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 08:25:26 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 11:15:12 GMT
server
MNCDN-2149
x-edge-location
DE-372
etag
W/"5e7c8ec0-3b10"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/png
status
200
cache-control
max-age=2592000
x-mserver
2200
expires
Mon, 05 Oct 2020 08:25:26 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BDDK (Banking) Turkish Government (Government)

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt object| trustedTypes object| html5 object| Modernizr function| LanguageFetcher function| loadTextTrack function| parseSRT object| textTrack object| textTrackCounter object| currentText undefined| viewMode undefined| textMode string| staticServer string| ajaxServer function| getCdnUrl function| toggleText function| toggleSize function| add_printable_footer object| os function| fix_colour_dots_on_firefox object| locales object| datePickerController function| DeepLinker function| open_accessibility_menu function| close_accessibility_menu function| is_accessibility_menu_open function| toggle_accessibility_menu function| open_user_menu function| close_user_menu function| is_user_menu_open function| toggle_user_menu function| $ function| jQuery function| FastClick function| moment function| RateYo function| Cookies function| timecode_min function| timecode_max function| tcsecs function| tmpl function| Marquee function| analytics function| Sifter object| MicroPlugin function| Selectize object| is function| initializeHelpers number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger undefined| maxDigits undefined| ZERO_ARRAY undefined| bigZero undefined| bigOne number| dpl10 object| highBitMasks object| hexatrigesimalToChar object| hexToChar object| lowBitMasks function| setMaxDigits function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr function| biToString function| biToDecimal function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy function| biShiftLeft function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| 
biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod object| Aes object| Base64 object| Utf8 number| charSize string| b64pad number| hexCase function| Int_64 function| str2binb function| hex2binb function| binb2hex function| binb2b64 function| rotl_32 function| rotr_32 function| rotr_64 function| shr_32 function| shr_64 function| parity_32 function| ch_32 function| ch_64 function| maj_32 function| maj_64 function| sigma0_32 function| sigma0_64 function| sigma1_32 function| sigma1_64 function| gamma0_32 function| gamma0_64 function| gamma1_32 function| gamma1_64 function| safeAdd_32_2 function| safeAdd_32_4 function| safeAdd_32_5 function| safeAdd_64_2 function| safeAdd_64_4 function| safeAdd_64_5 function| coreSHA1 function| coreSHA2 function| jsSHA

1 Cookies

Domain/Path Name / Value
qnb-card-finans-basvuru-form.tk/ Name: top-menu-state
Value: closed