e.qnbefinans.com Open in urlscan Pro
91.235.64.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI...
Effective URL:
https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI...
Submission: On July 03 via api (July 3rd 2024, 2:10:01 pm UTC) from TR — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 91.235.64.34, located in Turkey and belongs to D-TEK, TR. The main domain is e.qnbefinans.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 12th 2023. Valid for: a year.

This is the only time e.qnbefinans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	91.235.64.34 91.235.64.34		201160 (D-TEK) (D-TEK)
2	1

2 91.235.64.34 (Turkey)

ASN201160 (D-TEK, TR)

e.qnbefinans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	qnbefinans.com e.qnbefinans.com	2 KB
2	1

	Domain	Requested by
2	e.qnbefinans.com
2	1

This site contains no links.

Subject Issuer	Validity	Valid
*.euromsg.net Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-10-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGVzFBdOD_deNXRh-oVfPzdQfcNV3-oDKG-wIdxYAmUHuhfEzUtTLeCIpa_5_UgM9yL8Q8Pu2rVM7wdzEMZFHwmol6FHAzVMfXbH3lkGgH4z1E-v-7ZvUaJlR5Coht6boNSOQ
Frame ID: 1398698A6240AB05977F306908EDFFEA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

trnrs (1×1)

Page URL History Show full URLs

http://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0Hm... HTTP 307
https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0Hm... Page URL

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2 kB
Transfer

1 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGVzFBdOD_deNXRh-oVfPzdQfcNV3-oDKG-wIdxYAmUHuhfEzUtTLeCIpa_5_UgM9yL8Q8Pu2rVM7wdzEMZFHwmol6FHAzVMfXbH3lkGgH4z1E-v-7ZvUaJlR5Coht6boNSOQ HTTP 307
https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGVzFBdOD_deNXRh-oVfPzdQfcNV3-oDKG-wIdxYAmUHuhfEzUtTLeCIpa_5_UgM9yL8Q8Pu2rVM7wdzEMZFHwmol6FHAzVMfXbH3lkGgH4z1E-v-7ZvUaJlR5Coht6boNSOQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request trnrs Show response e.qnbefinans.com/email/signal/ Redirect Chain http://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGVz... https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGV...	882 B 1 KB	264ms 90ms	Document image/gif	91.235.64.34 D-TEK
General Check archive.org Show headers Download Go to Full URL https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGVzFBdOD_deNXRh-oVfPzdQfcNV3-oDKG-wIdxYAmUHuhfEzUtTLeCIpa_5_UgM9yL8Q8Pu2rVM7wdzEMZFHwmol6FHAzVMfXbH3lkGgH4z1E-v-7ZvUaJlR5Coht6boNSOQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.235.64.34 , Turkey, ASN201160 (D-TEK, TR), Reverse DNS Software / ASP.NET Resource Hash `4b1fdedea132c96f9778db74bc50726c48c29a7bd2e135f87b095ff0b3cbeea9` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 882 Content-Type image/gif Date Wed, 03 Jul 2024 14:10:04 GMT LB 113 Server X-Powered-By ASP.NET x-machine-name EMWEBLB6 x-trace-id 2024-07-03-14-10:38eee504-2f33-4573-8dc8-4798e44256bc Redirect headers Location https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGVzFBdOD_deNXRh-oVfPzdQfcNV3-oDKG-wIdxYAmUHuhfEzUtTLeCIpa_5_UgM9yL8Q8Pu2rVM7wdzEMZFHwmol6FHAzVMfXbH3lkGgH4z1E-v-7ZvUaJlR5Coht6boNSOQ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	404 Not Found	favicon.ico e.qnbefinans.com/	0 266 B	57ms 57ms	Other text/plain	91.235.64.34 D-TEK
General Check archive.org Show headers Download Go to Full URL https://e.qnbefinans.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.235.64.34 , Turkey, ASN201160 (D-TEK, TR), Reverse DNS Software / ASP.NET Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://e.qnbefinans.com/email/signal/trnrs?Data=nTr0HNMmiDILyuv10yhOeCGx9qe2QL2hVGcfI_6aXI8b7GYnN0HmbgbzVgZpS2VnQBgewIiI8Fhzr_ArLeElHo8-Up5SBEzAQJHIsQ2-_-nR-D8OGoMwNFt3gHyOFjQFid9o4LPYWx3pMvy6kwGVzFBdOD_deNXRh-oVfPzdQfcNV3-oDKG-wIdxYAmUHuhfEzUtTLeCIpa_5_UgM9yL8Q8Pu2rVM7wdzEMZFHwmol6FHAzVMfXbH3lkGgH4z1E-v-7ZvUaJlR5Coht6boNSOQ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-trace-id 2024-07-03-14-10:b485effe-68c9-4d86-b85b-4f0c8bf40098 Date Wed, 03 Jul 2024 14:10:04 GMT LB 113 Server X-Powered-By ASP.NET x-machine-name EMWEBLB6 Content-Length 0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e.qnbefinans.com/	1970-01-20 21:46:55	Name: ADRUM_BTa Value: R%3A0%7Cg%3A52d2e3b6-0994-4832-b351-54b4e8994a32%7Cn%3Arelated_67e9bac6-d820-4dda-b489-18a91d8f1cdb
e.qnbefinans.com/	1970-01-20 21:46:55	Name: SameSite Value: None
e.qnbefinans.com/	1970-01-20 21:46:55	Name: ADRUM_BT1 Value: R%3A0%7Ci%3A2273%7Ce%3A34
e.qnbefinans.com/	1969-12-31 23:59:59	Name: BlueStripe.PVN Value: 335c000a53fa

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://e.qnbefinans.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e.qnbefinans.com
91.235.64.34
4b1fdedea132c96f9778db74bc50726c48c29a7bd2e135f87b095ff0b3cbeea9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

e.qnbefinans.com Open in urlscan Pro 91.235.64.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2 kBTransfer

1 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

e.qnbefinans.com Open in urlscan Pro
91.235.64.34 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2 kB
Transfer

1 kB
Size

4
Cookies

2 HTTP transactions
0 data transactions