qnbfonline.com
51.68.185.252
Malicious Activity!
Public Scan
Submission: On April 17 via manual from QA — Scanned from FR
Summary
This is the only time qnbfonline.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Finansbank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
25 (1 redirect) | 51.68.185.252 | 16276 (OVH) |
2 | 62.108.64.36 | 8831 (FINANSBANK Inkilap Mahallesi Dr. Fazil Kucuk Cad.) |
29 | 3 |
ASN8831 (FINANSBANK Inkilap Mahallesi Dr. Fazil Kucuk Cad., TR)
PTR: dijitalkopru.org
www.qnbfinansbank.com |
Requests | Apex Domain: Subdomains | Transfer |
---|---|---|
25 (1 redirects) | qnbfonline.com: qnbfonline.com | 2 MB |
2 | qnbfinansbank.com: www.qnbfinansbank.com — Cisco Umbrella Rank: 430491 Failed | 151 KB |
29 | 2 | |
Requests | Domain | Requested by |
---|---|---|
25 (1 redirects) | qnbfonline.com | qnbfonline.com |
2 | www.qnbfinansbank.com | qnbfonline.com |
29 | 2 | |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.qnbfinansbank.com | GlobalSign RSA OV SSL CA 2018 | 2021-07-30 - 2022-08-31 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://qnbfonline.com/en/
Frame ID: 5CBA13AF05E04C80980E06EA1B94725C
Requests: 29 HTTP requests in this frame
Page Title
QNB Finansbank | Personal & Corporate Banking
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- <input[^>]+name="__VIEWSTATE
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
Page Statistics
36 Outgoing links
These are links going to different origins than the main page.
- Title: Internet Banking
- Title: Digital Bridge
- Title: Egypt**
- Title: Libya*
- Title: Mauritania
- Title: South Sudan (Juba)
- Title: Sudan
- Title: Togo(Ecobank)**
- Title: Tunisia**
- Title: China**
- Title: Indonesia**
- Title: India
- Title: Myanmar*
- Title: Singapore
- Title: Vietnam*
- Title: France
- Title: Switzerland
- Title: United Kingdom
- Title: Qatar
- Title: KSA
- Title: Kuwait
- Title: Oman
- Title: UAE (CBI)**
- Title: Iran*
- Title: Iraq (Mansour Bank)**
- Title: Jordan (HBTF Bank)**
- Title: Lebanon
- Title: Syria
- Title: Yemen
- Title: Facebook
- Title: Twitter
- Title: Youtube
- Title: Instagram
- Title: Linkedin
- Title: Türkçe
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://qnbfonline.com/en HTTP 301
- http://qnbfonline.com/en/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / qnbfonline.com/en/ (Primary Request, Redirect Chain) | 57 KB 57 KB | Document text/html |
GET | 355865_1_0.woff2 www.qnbfinansbank.com/_assets/fonts/ | 0 0 | |
GET | 355865_2_0.woff2 www.qnbfinansbank.com/_assets/fonts/ | 0 0 | |
GET | icomoon.woff2 www.qnbfinansbank.com/_assets/css/plugins/fonts/ | 0 0 | |
GET H/1.1 | magiclick.core.min893e.css qnbfonline.com/ | 203 KB 204 KB | Stylesheet text/css |
GET H/1.1 | magiclick.min7bf4.css qnbfonline.com/ | 331 KB 331 KB | Stylesheet text/css |
GET H/1.1 | notify-icon.png qnbfonline.com/_assets/img/ | 662 B 976 B | Image image/png |
GET H/1.1 | logo.png qnbfonline.com/_assets/img/ | 8 KB 8 KB | Image image/png |
GET H/1.1 | gtm5445.html qnbfonline.com/www.googletagmanager.com/ | 0 0 | Script text/html |
GET H/1.1 | print.css qnbfonline.com/_assets/css/ | 6 KB 6 KB | Stylesheet text/css |
GET H/1.1 | qnb-first-en.png qnbfonline.com/_assets/img/ | 66 KB 66 KB | Image image/png |
GET H/1.1 | qnb-ar-en.png qnbfonline.com/_assets/img/ | 57 KB 58 KB | Image image/png |
GET H/1.1 | qnb-724-en.png qnbfonline.com/_assets/img/ | 187 KB 187 KB | Image image/png |
GET H/1.1 | qnb-cashloans-en.png qnbfonline.com/_assets/img/ | 172 KB 172 KB | Image image/png |
GET H/1.1 | GalleryImage-Image-300-2x.vsf www.qnbfinansbank.com//medium/ | 123 KB 124 KB | Image image/png |
GET H/1.1 | transparent.png qnbfonline.com/_assets/img/ | 95 B 408 B | Image image/png |
GET H/1.1 | magiclick.core.minfc3f.js qnbfonline.com/ | 678 KB 678 KB | Script application/javascript |
GET H/1.1 | magiclick.en.min577f.js qnbfonline.com/ | 97 KB 97 KB | Script application/javascript |
GET H/1.1 | loanpayment.min.js qnbfonline.com/ | 13 KB 13 KB | Script application/javascript |
GET H/1.1 | header_belt.png qnbfonline.com/_assets/img/ | 27 KB 27 KB | Image image/png |
GET H/1.1 | 355865_2_0.woff2 qnbfonline.com/_assets/fonts/ | 55 KB 56 KB | Font font/woff2 |
GET H/1.1 | 355865_1_0.woff2 qnbfonline.com/_assets/fonts/ | 55 KB 56 KB | Font font/woff2 |
GET H/1.1 | icomoonf0c4.woff2 qnbfonline.com/_assets/css/plugins/fonts/ | 10 KB 10 KB | Font font/woff2 |
GET H/1.1 | dotted-border.png qnbfonline.com/_assets/img/ | 103 B 417 B | Image image/png |
GET H/1.1 | 5-1-en.png qnbfonline.com/_assets/img/ | 41 KB 42 KB | Image image/png |
GET H/1.1 | 5-2-en.png qnbfonline.com/_assets/img/ | 18 KB 18 KB | Image image/png |
GET H/1.1 | Banner-SecondImage-381-webp.vsf www.qnbfinansbank.com//medium/ | 27 KB 27 KB | Image image/webp |
GET H/1.1 | notifications qnbfonline.com/api/ | 315 B 516 B | XHR text/html |
GET H/1.1 | GetBistEndexDataResponse qnbfonline.com/api/LoanCalculators/ | 315 B 516 B | XHR text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.qnbfinansbank.com, URL: https://www.qnbfinansbank.com/_assets/fonts/355865_1_0.woff2
- Domain: www.qnbfinansbank.com, URL: https://www.qnbfinansbank.com/_assets/fonts/355865_2_0.woff2
- Domain: www.qnbfinansbank.com, URL: https://www.qnbfinansbank.com/_assets/css/plugins/fonts/icomoon.woff2?wg7531
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Finansbank (Banking)
98 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored object| dataLayer string| languegeRedirectionUrl object| Browser object| ieBrowser object| touchBrowser undefined| Form object| ajaxForm undefined| dataForm boolean| validForm object| fakewaffle boolean| isMobile boolean| isMobileRecourse object| McUtils function| $ function| jQuery function| _ function| moment function| Waypoint function| Inputmask object| lazySizesConfig object| lazySizes function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| FooTable function| RateYo function| mustLetters function| convertToBool object| langChart object| jsResources object| QNB object| McDataLayer object| site object| Modules object| Calculator object| CalculatorLoanPayment object| $button object| $list object| $item object| $header object| $navigation object| $searchIcon object| $searchContainer object| $searchText object| $searchButton object| $searchcloseButton object| $overlay object| $Network object| $langItem object| $headerNavMain object| $headerNavMainItem object| $headerNavMenuItem object| $headerNavMenuItemLink object| $headerNavMainItemLink object| $headerNavMainSubmenu object| languegeRedirectionLink object| $menuButton object| $mobileMenu object| $mobileMenuItem object| $mobileMenuItemLink object| $cepSubeButton object| $finansSifreButton object| mobileSearchContainer object| mobilQnbNetwork object| $mobileOnlineTransactions object| $accordion object| $content object| $banner object| $cost_button object| $costClose_button object| opt string| currentTabIndex string| storedTabIndex object| el object| $reference_center object| $reference_center2 object| $big_dreams object| $campaigns object| $market_data_notice object| $market_data object| $owlCarousel object| $playpauseButton object| realtyBanner object| $pagenote object| $pagenotecontent object| $landing object| $landingItem 
object| $title object| _parent object| _self
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
qnbfonline.com
www.qnbfinansbank.com
51.68.185.252
62.108.64.36