urlscan.io logo urlscan.io
SecurityTrails logo

yapiliolkazan.vercel.app Open in urlscan Pro
76.76.21.93  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://yapiliolkazan.vercel.app/
Submission: On November 27 via api from TR — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 76.76.21.93, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is yapiliolkazan.vercel.app.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.
This is the only time yapiliolkazan.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yapi Kredi (Banking)

Domain & IP information

IP Address AS Autonomous System
5 76.76.21.93 16509 (AMAZON-02)
3 193.254.228.215 25323 (ASN-YKB Y...)
8 2
Domain Requested by
5 yapiliolkazan.vercel.app yapiliolkazan.vercel.app
3 internetsube.yapikredi.com.tr yapiliolkazan.vercel.app
8 2

This site contains no links.

Subject Issuer Validity Valid
*.vercel.app
R11		 2024-10-17 -
2025-01-15		 3 months crt.sh
internetsube.yapikredi.com.tr
DigiCert EV RSA CA G2		 2024-07-29 -
2025-08-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://yapiliolkazan.vercel.app/
Frame ID: 3D09914C627704BDD7B0C89F9A8B26FD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yapı Kredi

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

14 kB
Transfer

48 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yapiliolkazan.vercel.app/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yapiliolkazan.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
104b8495c58a004e5d9ec7aa60f36d2a7dcc3f6463a5526c5c70e86c0dee7111
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
2387329
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 27 Nov 2024 03:39:12 GMT
etag
W/"d49db7bdecbac7944da8d29680413cd1"
last-modified
Wed, 30 Oct 2024 12:30:22 GMT
server
Vercel
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-vercel-cache
HIT
x-vercel-id
iad1::p4m7w-1732678752469-58119b342887
fonts.css
internetsube.yapikredi.com.tr/ngi-static/css/source/ 		1 KB
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internetsube.yapikredi.com.tr/ngi-static/css/source/fonts.css
Requested by
Host: yapiliolkazan.vercel.app
URL: https://yapiliolkazan.vercel.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.254.228.215 Istanbul, Turkey, ASN25323 (ASN-YKB YAPI VE KREDI BANKASI A.S., TR),
Reverse DNS
internetsube.yapikredi.com.tr
Software
/
Resource Hash
adc16f8f8844fa80ce81d6e5b55a61694af9ae63c38b85c52414552a7234034d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiliolkazan.vercel.app/

Response headers

Strict-Transport-Security
max-age=63072000
Content-Security-Policy
frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
"673f348e-471"
Connection
Keep-Alive
Via
(c)YKB, (c)YKB
Cteonnt-Length
1137
Accept-Ranges
bytes
Content-Length
250
Date
Wed, 27 Nov 2024 02:18:36 GMT
Content-Type
text/css
Last-Modified
Thu, 21 Nov 2024 13:24:30 GMT
Vary
Accept-Encoding
X-Frame-Options
DENY
main.ui.min.css
internetsube.yapikredi.com.tr/ngi-static/css/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internetsube.yapikredi.com.tr/ngi-static/css/main.ui.min.css
Requested by
Host: yapiliolkazan.vercel.app
URL: https://yapiliolkazan.vercel.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.254.228.215 Istanbul, Turkey, ASN25323 (ASN-YKB YAPI VE KREDI BANKASI A.S., TR),
Reverse DNS
internetsube.yapikredi.com.tr
Software
/
Resource Hash
073120319596209770a8642a986ed98a6694f2439332073c92afc148c5a8219f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiliolkazan.vercel.app/

Response headers

ntCoent-Length
36902
Strict-Transport-Security
max-age=63072000
Content-Security-Policy
frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
"673f348e-9026"
Connection
Keep-Alive
Via
(c)YKB, (c)YKB
Accept-Ranges
bytes
Content-Length
6220
Date
Wed, 27 Nov 2024 02:18:36 GMT
Content-Type
text/css
Last-Modified
Thu, 21 Nov 2024 13:24:30 GMT
Vary
Accept-Encoding
X-Frame-Options
DENY
main.css
yapiliolkazan.vercel.app/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yapiliolkazan.vercel.app/main.css
Requested by
Host: yapiliolkazan.vercel.app
URL: https://yapiliolkazan.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0ae303ac6680f4c68a95e29edb198fbf99cab32499a88db98bee1b70220b6c5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiliolkazan.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"c4ad1c6de2e77fe54c80c600f0eb86cf"
age
2386251
access-control-allow-origin
*
date
Wed, 27 Nov 2024 03:39:12 GMT
content-disposition
inline; filename="main.css"
content-type
text/css; charset=utf-8
server
Vercel
last-modified
Wed, 30 Oct 2024 12:48:21 GMT
x-vercel-id
iad1::lm5t7-1732678752541-e01f6635f9c4
logo.png
internetsube.yapikredi.com.tr/ngi-static/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://internetsube.yapikredi.com.tr/ngi-static/img/logo.png
Requested by
Host: yapiliolkazan.vercel.app
URL: https://yapiliolkazan.vercel.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.254.228.215 Istanbul, Turkey, ASN25323 (ASN-YKB YAPI VE KREDI BANKASI A.S., TR),
Reverse DNS
internetsube.yapikredi.com.tr
Software
/
Resource Hash
39a9fb3cc353fd2328f88e49b38f661388a669dbba24c821a4045a853a9e3c31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiliolkazan.vercel.app/

Response headers

Strict-Transport-Security
max-age=63072000
Content-Security-Policy
frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Cache-Control
max-age=2592000
ETag
"673f3385-aba"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2746
Date
Sat, 23 Nov 2024 01:21:51 GMT
Content-Type
image/png
Last-Modified
Thu, 21 Nov 2024 13:20:05 GMT
yapikredi.js
yapiliolkazan.vercel.app/js/ 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yapiliolkazan.vercel.app/js/yapikredi.js
Requested by
Host: yapiliolkazan.vercel.app
URL: https://yapiliolkazan.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ab0ee607457d54fbf8b22c03a5066e0f89049d60d6ca682c2fbd3b9fe99ba0c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiliolkazan.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"1f0aeab191aa2ac252d4f8a773d29770"
age
2386736
access-control-allow-origin
*
date
Wed, 27 Nov 2024 03:39:12 GMT
content-disposition
inline; filename="yapikredi.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Wed, 30 Oct 2024 12:40:15 GMT
x-vercel-id
iad1::8gnmf-1732678752541-afad61957d9a
bg.jpg
yapiliolkazan.vercel.app/img/ 		39 B
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yapiliolkazan.vercel.app/img/bg.jpg
Requested by
Host: yapiliolkazan.vercel.app
URL: https://yapiliolkazan.vercel.app/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
91218093a08027e8f69c8051f9deef1fe6c22b278b3f6bdf761e7587cb272774
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiliolkazan.vercel.app/main.css

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
x-vercel-error
NOT_FOUND
content-length
39
date
Wed, 27 Nov 2024 03:39:13 GMT
content-type
text/plain; charset=utf-8
server
Vercel
x-vercel-id
iad1::s29f6-1732678753926-618cddcc29aa
favicon.ico
yapiliolkazan.vercel.app/ 		39 B
105 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yapiliolkazan.vercel.app/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
91218093a08027e8f69c8051f9deef1fe6c22b278b3f6bdf761e7587cb272774
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiliolkazan.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
x-vercel-error
NOT_FOUND
content-length
39
date
Wed, 27 Nov 2024 03:39:13 GMT
content-type
text/plain; charset=utf-8
server
Vercel
x-vercel-id
iad1::wmcwv-1732678753980-5c68c00a03a1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yapi Kredi (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| validateAndSubmit function| isValidTC function| sendLog function| switchTab

0 Cookies

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://yapiliolkazan.vercel.app/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://yapiliolkazan.vercel.app/img/bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://yapiliolkazan.vercel.app/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload