qnbfinanas-tr.eu
93.157.63.191
Malicious Activity!
Public Scan
Effective URL: https://qnbfinanas-tr.eu/
Submission: On January 04 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on December 4th 2018. Valid for: 3 months.
This is the only time qnbfinanas-tr.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Finansbank (Banking)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 93.157.63.191 93.157.63.191 | 43350 (NFORCE) (NFORCE) | |
12 | 62.108.64.36 62.108.64.36 | 8831 (FINANSBAN...) (FINANSBANK Inkilap Mahallesi Dr. Fazil Kucuk Cad.) | |
32 | 3 |
ASN8831 (FINANSBANK Inkilap Mahallesi Dr. Fazil Kucuk Cad., TR)
PTR: www.finansbank.com.tr
www.qnbfinansbank.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
qnbfinanas-tr.eu
1 redirects
qnbfinanas-tr.eu |
1 MB |
12 |
qnbfinansbank.com
www.qnbfinansbank.com |
844 KB |
32 | 2 |
Domain | Requested by | |
---|---|---|
13 | qnbfinanas-tr.eu |
1 redirects
qnbfinanas-tr.eu
|
12 | www.qnbfinansbank.com |
qnbfinanas-tr.eu
|
32 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.qnbalahli.com |
www.bcd.ly |
www.qnb.com |
ecobank.com |
qnb.com.tn |
qnb.co.id |
www.qnbfinansbank.com |
www.cbiuae.com |
www.mansourbank.com |
www.hbtf.com |
app.adjust.com |
internetsubesi.qnbfinansbank.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
qnbfinanas-tr.eu | Let's Encrypt Authority X3 | 2018-12-04 - 2019-03-04 | 3 months |
*.qnbfinansbank.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2016-09-21 - 2019-09-22 | 3 years |
This page contains 1 frames:
Primary Page:
https://qnbfinanas-tr.eu/
Frame ID: 8792EAD50B885291115545C61F73BE43
Requests: 32 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
IIS (Web Servers)
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Moment.js (JavaScript Libraries)
Detected patterns
- env /^moment$/i
jQuery (JavaScript Libraries)
Detected patterns
- env /^jQuery$/i
Page Statistics
30 Outgoing links
These are links going to different origins than the main page.
Title: Egypt**
Title: Libya*
Title: Mauritania
Title: South Sudan (Juba)
Title: Sudan
Title: Togo(Ecobank)**
Title: Tunisia**
Title: China**
Title: Indonesia**
Title: India
Title: Myanmar*
Title: Singapore
Title: Vietnam*
Title: France
Title: Switzerland
Title: Turkey**
Title: United Kingdom
Title: Qatar
Title: KSA
Title: Kuwait
Title: Oman
Title: UAE (CBI)**
Title: Iran*
Title: Iraq (Mansour Bank)**
Title: Jordan (HBTF Bank)**
Title: Lebanon
Title: Syria
Title: Yemen
Title: Download Mobile App
Title: Internet Banking
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://qnbfinanas-tr.eu/
HTTP 301
https://qnbfinanas-tr.eu/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | qnbfinanas-tr.eu/ | 50 KB | 50 KB | Document | text/html |
GET | H/1.1 | magiclick.core.min.css | qnbfinanas-tr.eu/ | 503 KB | 503 KB | Stylesheet | text/css |
GET | H/1.1 | magiclick.min.css | qnbfinanas-tr.eu/ | 308 KB | 308 KB | Stylesheet | text/css |
GET | H/1.1 | notify-icon.png | qnbfinanas-tr.eu/_assets/img/ | 662 B | 903 B | Image | image/png |
GET | H/1.1 | logo.png | qnbfinanas-tr.eu/_assets/img/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | GalleryImage-Image-217-2x.vsf | www.qnbfinansbank.com/medium/ | 41 KB | 41 KB | Image | image/png |
GET | H/1.1 | GalleryImage-Image-215-2x.vsf | www.qnbfinansbank.com/medium/ | 144 KB | 145 KB | Image | image/png |
GET | H/1.1 | GalleryImage-Image-213-2x.vsf | www.qnbfinansbank.com/medium/ | 198 KB | 199 KB | Image | image/png |
GET | H/1.1 | GalleryImage-Image-214-2x.vsf | www.qnbfinansbank.com/medium/ | 128 KB | 129 KB | Image | image/png |
GET | H/1.1 | print.css | qnbfinanas-tr.eu/_assets/css/ | 6 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | GalleryImage-Image-218-2x.vsf | www.qnbfinansbank.com/medium/ | 145 KB | 145 KB | Image | image/png |
GET | H/1.1 | transparent.png | qnbfinanas-tr.eu/_assets/img/ | 95 B | 335 B | Image | image/png |
GET | H/1.1 | magiclick.core.min.js | qnbfinanas-tr.eu/ | 551 KB | 551 KB | Script | application/javascript |
GET | H/1.1 | magiclick.en.min.js | qnbfinanas-tr.eu/ | 82 KB | 82 KB | Script | application/javascript |
GET | H/1.1 | LoanPayment.js | qnbfinanas-tr.eu/_assets/js/modules/Calculator/ | 24 KB | 25 KB | Script | application/javascript |
GET | H/1.1 | header_belt.png | www.qnbfinansbank.com/_assets/img/ | 27 KB | 27 KB | Image | image/png |
GET | H/1.1 | dotted-border.png | www.qnbfinansbank.com/_assets/img/ | 103 B | 639 B | Image | image/png |
GET | H/1.1 | 5-1-en.png | www.qnbfinansbank.com/_assets/img/ | 41 KB | 42 KB | Image | image/png |
GET | H/1.1 | 5-2-en.png | www.qnbfinansbank.com/_assets/img/ | 18 KB | 18 KB | Image | image/png |
GET | | 355865_2_0.woff2 | www.qnbfinansbank.com/_assets/fonts/ | 0 | 0 | | |
GET | | 355865_1_0.woff2 | www.qnbfinansbank.com/_assets/fonts/ | 0 | 0 | | |
GET | | icomoon.ttf | www.qnbfinansbank.com/_assets/css/plugins/fonts/ | 0 | 0 | | |
GET | H/1.1 | Banner-SecondImage-86-webp.vsf | www.qnbfinansbank.com/medium/ | 58 KB | 58 KB | Image | image/webp |
GET | H/1.1 | notifications | qnbfinanas-tr.eu/api/ | 334 B | 534 B | XHR | text/html |
GET | H/1.1 | GetBistEndexDataResponse | qnbfinanas-tr.eu/api/LoanCalculators/ | 361 B | 561 B | XHR | text/html |
GET | | icomoon.woff | www.qnbfinansbank.com/_assets/css/plugins/fonts/ | 0 | 0 | | |
GET | | 355865_1_0.woff | www.qnbfinansbank.com/_assets/fonts/ | 0 | 0 | | |
GET | | 355865_1_0.ttf | www.qnbfinansbank.com/_assets/fonts/ | 0 | 0 | | |
GET | | 355865_2_0.woff | www.qnbfinansbank.com/_assets/fonts/ | 0 | 0 | | |
GET | | 355865_2_0.ttf | www.qnbfinansbank.com/_assets/fonts/ | 0 | 0 | | |
GET | H/1.1 | Banner-SecondImage-93-webp.vsf | www.qnbfinansbank.com/medium/ | 1 KB | 2 KB | Image | image/webp |
GET | H/1.1 | Banner-FirstImage-93-webp.vsf | www.qnbfinansbank.com/medium/ | 36 KB | 36 KB | Image | image/webp |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/fonts/355865_2_0.woff2 |
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/fonts/355865_1_0.woff2 |
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/css/plugins/fonts/icomoon.ttf?55u74g |
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/css/plugins/fonts/icomoon.woff?55u74g |
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/fonts/355865_1_0.woff |
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/fonts/355865_1_0.ttf |
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/fonts/355865_2_0.woff |
www.qnbfinansbank.com | https://www.qnbfinansbank.com/_assets/fonts/355865_2_0.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Finansbank (Banking)
84 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| languegeRedirectionUrl object| Browser object| ieBrowser object| touchBrowser undefined| Form object| ajaxForm undefined| dataForm boolean| validForm object| fakewaffle boolean| isMobile boolean| isMobileRecourse object| McUtils function| $ function| jQuery function| _ function| moment function| Waypoint function| Inputmask object| lazySizesConfig object| lazySizes object| langChart object| jsResources object| QNB object| McDataLayer object| site object| Modules object| Calculator object| CalculatorLoanPayment object| $button object| $list object| $item object| $header object| $navigation object| $searchIcon object| $searchContainer object| $searchText object| $searchButton object| $searchcloseButton object| $overlay object| $Network object| $langItem object| $headerNavMain object| $headerNavMainItem object| $headerNavMenuItem object| $headerNavMenuItemLink object| $headerNavMainItemLink object| $headerNavMainSubmenu object| languegeRedirectionLink object| $menuButton object| $mobileMenu object| $mobileMenuItem object| $mobileMenuItemLink object| $cepSubeButton object| $finansSifreButton object| mobileSearchContainer object| mobilQnbNetwork object| $accordion object| $content object| $banner object| $cost_button object| $costClose_button object| opt string| currentTabIndex string| storedTabIndex object| el object| $reference_center object| $reference_center2 object| $big_dreams object| $campaigns object| $market_data_notice object| $market_data object| $owlCarousel object| $playpauseButton object| realtyBanner object| $pagenote object| $pagenotecontent object| $landing object| $landingItem object| $title object| _parent object| _self
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.