vkfsizlerle.duckdns.org
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of vkfsizlerle.duckdns.org
This domain appears to host a page styled as an online banking login portal for VakıfBank, a Turkish financial institution. The page title, branding, Turkish-language login prompts, and linked assets suggest it is presenting itself as a customer access page for internet banking, including password-based login and QR-code login options.
However, the site is not hosted on VakıfBank’s official domain and instead uses a DuckDNS subdomain. Based on the domain structure, page metadata, and visible branding, the page appears to be imitating a banking login experience rather than operating as an official bank-owned web property. The underlying DuckDNS hostname indicates it may be operated by an unrelated third party rather than the institution whose branding is displayed.
Safety Assessment for vkfsizlerle.duckdns.org
Multiple independent security signals indicate elevated risk at the time of this scan. The domain was flagged by 21 out of 91 security engines, categorized by several web-classification providers as phishing or fraud-related, and listed by a major threat database for social-engineering activity. The page also closely presents itself as a VakıfBank login screen while using a non-official DuckDNS subdomain, which may be consistent with credential-harvesting or brand-impersonation behavior.
The malware scan of page files did not detect malicious code in the sampled content, but that does not offset the stronger phishing indicators. In addition, the domain's IP address is listed on one mail-reputation blocklist, which is a weaker signal on its own but still adds minor caution. The combination of multi-engine phishing detections, threat-database listing, and visible imitation of a banking login page materially increases concern.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was reachable over HTTPS with a valid Let's Encrypt certificate that, at the time of this scan, was set to expire on 2026-10-02. It appears to be served by nginx from IP address 31.56.209.3, hosted with Pfcloud in the Netherlands. DNSSEC is not enabled for the domain, and the hostname uses DuckDNS nameservers, indicating a dynamic-DNS style setup rather than a conventional bank-owned enterprise domain.
From a technical trust perspective, the presence of TLS only confirms encrypted transport to the server being contacted; it does not verify that the site is legitimately affiliated with the bank branding shown on the page. The mismatch between the displayed financial brand and the actual DuckDNS-hosted domain is a significant concern.
Share your experience with this website. Was it safe? Did you encounter any issues?