urlscan.io logo urlscan.io
SecurityTrails logo

yapiceptebasvurular.vercel.app Open in urlscan Pro
76.76.21.61  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://yapiceptebasvurular.vercel.app/
Submission: On November 25 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 76.76.21.61, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is yapiceptebasvurular.vercel.app.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.
This is the only time yapiceptebasvurular.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yapi Kredi (Banking)

Domain & IP information

IP Address AS Autonomous System
5 76.76.21.61 16509 (AMAZON-02)
3 193.254.228.215 25323 (ASN-YKB Y...)
8 2
Domain Requested by
5 yapiceptebasvurular.vercel.app yapiceptebasvurular.vercel.app
3 internetsube.yapikredi.com.tr yapiceptebasvurular.vercel.app
8 2

This site contains no links.

Subject Issuer Validity Valid
*.vercel.app
R11		 2024-10-17 -
2025-01-15		 3 months crt.sh
internetsube.yapikredi.com.tr
DigiCert EV RSA CA G2		 2024-07-29 -
2025-08-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://yapiceptebasvurular.vercel.app/
Frame ID: F3AC8CE95A41806278B03AA93ED9C28C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yapı Kredi

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

14 kB
Transfer

48 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yapiceptebasvurular.vercel.app/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yapiceptebasvurular.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
60f8ac5c26a829372cd95b281d7744851f8b6e9aaa77f3f76a36467aad2a93da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
61360
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 09:20:55 GMT
etag
W/"c63f896347886fd2bafe69b8882bb186"
last-modified
Sun, 24 Nov 2024 16:18:14 GMT
server
Vercel
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-vercel-cache
HIT
x-vercel-id
fra1::r2kl5-1732526455143-9353dcd3206a
fonts.css
internetsube.yapikredi.com.tr/ngi-static/css/source/ 		1 KB
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internetsube.yapikredi.com.tr/ngi-static/css/source/fonts.css
Requested by
Host: yapiceptebasvurular.vercel.app
URL: https://yapiceptebasvurular.vercel.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.254.228.215 Istanbul, Turkey, ASN25323 (ASN-YKB YAPI VE KREDI BANKASI A.S., TR),
Reverse DNS
internetsube.yapikredi.com.tr
Software
/
Resource Hash
adc16f8f8844fa80ce81d6e5b55a61694af9ae63c38b85c52414552a7234034d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiceptebasvurular.vercel.app/

Response headers

Strict-Transport-Security
max-age=63072000
Content-Security-Policy
frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
"673f348e-471"
Connection
Keep-Alive
Via
(c)YKB, (c)YKB
Cteonnt-Length
1137
Accept-Ranges
bytes
Content-Length
250
Date
Mon, 25 Nov 2024 02:03:17 GMT
Content-Type
text/css
Last-Modified
Thu, 21 Nov 2024 13:24:30 GMT
Vary
Accept-Encoding
X-Frame-Options
DENY
main.ui.min.css
internetsube.yapikredi.com.tr/ngi-static/css/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internetsube.yapikredi.com.tr/ngi-static/css/main.ui.min.css
Requested by
Host: yapiceptebasvurular.vercel.app
URL: https://yapiceptebasvurular.vercel.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.254.228.215 Istanbul, Turkey, ASN25323 (ASN-YKB YAPI VE KREDI BANKASI A.S., TR),
Reverse DNS
internetsube.yapikredi.com.tr
Software
/
Resource Hash
073120319596209770a8642a986ed98a6694f2439332073c92afc148c5a8219f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiceptebasvurular.vercel.app/

Response headers

ntCoent-Length
36902
Strict-Transport-Security
max-age=63072000
Content-Security-Policy
frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
"673f348e-9026"
Connection
Keep-Alive
Via
(c)YKB, (c)YKB
Accept-Ranges
bytes
Content-Length
6220
Date
Mon, 25 Nov 2024 02:03:17 GMT
Content-Type
text/css
Last-Modified
Thu, 21 Nov 2024 13:24:30 GMT
Vary
Accept-Encoding
X-Frame-Options
DENY
main.css
yapiceptebasvurular.vercel.app/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yapiceptebasvurular.vercel.app/main.css
Requested by
Host: yapiceptebasvurular.vercel.app
URL: https://yapiceptebasvurular.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0ae303ac6680f4c68a95e29edb198fbf99cab32499a88db98bee1b70220b6c5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiceptebasvurular.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"c4ad1c6de2e77fe54c80c600f0eb86cf"
age
53369
access-control-allow-origin
*
date
Mon, 25 Nov 2024 09:20:55 GMT
content-disposition
inline; filename="main.css"
content-type
text/css; charset=utf-8
server
Vercel
last-modified
Sun, 24 Nov 2024 16:18:13 GMT
x-vercel-id
fra1::s7vsm-1732526455186-bac02bdf04e0
logo.png
internetsube.yapikredi.com.tr/ngi-static/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://internetsube.yapikredi.com.tr/ngi-static/img/logo.png
Requested by
Host: yapiceptebasvurular.vercel.app
URL: https://yapiceptebasvurular.vercel.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.254.228.215 Istanbul, Turkey, ASN25323 (ASN-YKB YAPI VE KREDI BANKASI A.S., TR),
Reverse DNS
internetsube.yapikredi.com.tr
Software
/
Resource Hash
39a9fb3cc353fd2328f88e49b38f661388a669dbba24c821a4045a853a9e3c31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiceptebasvurular.vercel.app/

Response headers

Strict-Transport-Security
max-age=63072000
Content-Security-Policy
frame-ancestors 'self' http://*.yapikredi.com.tr https://*.yapikredi.com.tr;
Cache-Control
max-age=2592000
ETag
"673f3385-aba"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2746
Date
Sat, 23 Nov 2024 01:21:51 GMT
Content-Type
image/png
Last-Modified
Thu, 21 Nov 2024 13:20:05 GMT
yapikredi.js
yapiceptebasvurular.vercel.app/js/ 		2 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yapiceptebasvurular.vercel.app/js/yapikredi.js
Requested by
Host: yapiceptebasvurular.vercel.app
URL: https://yapiceptebasvurular.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6b38e16021e668c4cb6d62c7ffd3566c6659997824f45db1809134c2165f0966
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiceptebasvurular.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"b6f5e79b1c037c2c20a0c7c0eadd3cb1"
age
42032
access-control-allow-origin
*
date
Mon, 25 Nov 2024 09:20:55 GMT
content-disposition
inline; filename="yapikredi.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Sun, 24 Nov 2024 16:18:15 GMT
x-vercel-id
fra1::lb84w-1732526455186-30817caf57ca
bg.jpg
yapiceptebasvurular.vercel.app/img/ 		39 B
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yapiceptebasvurular.vercel.app/img/bg.jpg
Requested by
Host: yapiceptebasvurular.vercel.app
URL: https://yapiceptebasvurular.vercel.app/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
91218093a08027e8f69c8051f9deef1fe6c22b278b3f6bdf761e7587cb272774
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiceptebasvurular.vercel.app/main.css

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
x-vercel-error
NOT_FOUND
content-length
39
date
Mon, 25 Nov 2024 09:20:55 GMT
content-type
text/plain; charset=utf-8
server
Vercel
x-vercel-id
fra1::s7vsm-1732526455521-cd292c74d759
favicon.ico
yapiceptebasvurular.vercel.app/ 		39 B
105 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yapiceptebasvurular.vercel.app/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
91218093a08027e8f69c8051f9deef1fe6c22b278b3f6bdf761e7587cb272774
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapiceptebasvurular.vercel.app/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=0, must-revalidate
x-vercel-error
NOT_FOUND
content-length
39
date
Mon, 25 Nov 2024 09:20:55 GMT
content-type
text/plain; charset=utf-8
server
Vercel
x-vercel-id
fra1::m2x8k-1732526455552-56bd07b65a4e

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yapi Kredi (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| validateAndSubmit function| isValidTC function| sendLog function| switchTab

0 Cookies

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://yapiceptebasvurular.vercel.app/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://yapiceptebasvurular.vercel.app/img/bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://yapiceptebasvurular.vercel.app/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload