{"report_id":"010dc89c-6da2-45f5-962b-5f1a5ea0f67f","version":6,"status":"done","tags":[],"date":"2026-04-23T13:17:56Z","url":{"schema":"http","addr":"m.gallabet1075.com","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"172.67.148.253","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"m.gallabet1075.com/tr/","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"title":"Galabet Güvenilir Casino\u0026Bahis Sitesi","dom":{"size":1479,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (443)","md5":"11d35a1d8e21c28794897672a11578ae","sha1":"f641994bf3275432c5a0d92d54d46cdb0f58a576","sha256":"6565d566e083c41ab4daf6f8c5a9092f45174d014f79ff9dcb7e83cd05a6be7d","sha512":"0e6be599bffc577a05ac0bce18436782edc40a8cd3e4a6c53845f18eb243b6ab7f0f8e67e503e1d28fc7e6e108bb4809bb815286116014b8a8b3310616625ff4","ssdeep":"","tlshash":"3431aba3e38f644d7201c12c54f1f2bc5e3ea15cb7029e35bc31b7736b8da8654a2955","dom_hash":"domhash003fb3f0de8126b803198d4c3d676989","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.gallabet1075.com","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"172.67.148.253","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-28T13:17:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":24}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"icons.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"dataspot-bucket.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"dataspot-bucket.gallabet1075.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":8,"request_count":2,"received_data":906,"sent_data":932,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"geoapi.30btcoservice.com","ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"domain_registered":"2026-01-26","domain_rank":0,"first_seen":"2026-04-21T12:24:34.195611Z","last_seen":"2026-04-21T12:24:34.195611Z","alert_count":0,"request_count":2,"received_data":2350,"sent_data":946,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"dataspot-int-bucket.gallabet1075.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":1,"received_data":453,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"vsb18.tawk.to","ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":981621,"first_seen":"2020-04-04T09:57:28Z","last_seen":"2026-04-18T02:32:25.899344Z","alert_count":0,"request_count":1,"received_data":417,"sent_data":1082,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"va.tawk.to","ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":51316,"first_seen":"2017-01-30T04:20:46Z","last_seen":"2026-04-20T10:33:37.574412Z","alert_count":0,"request_count":3,"received_data":5953,"sent_data":1571,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"m.gallabet1075.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":804,"request_count":201,"received_data":7306092,"sent_data":109117,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"embed.tawk.to","ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":52083,"first_seen":"2014-03-19T21:03:49Z","last_seen":"2026-04-20T04:17:10.076946Z","alert_count":0,"request_count":22,"received_data":1150220,"sent_data":10109,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"go-cms.gallabet1075.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":36,"request_count":9,"received_data":54350,"sent_data":4994,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-08-28","domain_rank":0,"first_seen":"2026-02-04T12:39:13.107167Z","last_seen":"2026-04-21T12:24:36.081245Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":1182,"comment":"","tags":null,"fingerprints":null},{"fqdn":"galabet.winwingames.io","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-15","domain_rank":0,"first_seen":"2026-01-16T16:03:38.346691Z","last_seen":"2026-04-21T12:24:35.934459Z","alert_count":0,"request_count":5,"received_data":58123,"sent_data":2351,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"explorer-api.walletconnect.com","ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-12-19","domain_rank":466611,"first_seen":"2022-10-10T18:16:28Z","last_seen":"2026-04-18T13:35:36.383876Z","alert_count":0,"request_count":8,"received_data":463714,"sent_data":5106,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2015-12-18T18:55:23Z","last_seen":"2026-04-09T02:07:13.118836Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":407,"comment":"","tags":null,"fingerprints":null},{"fqdn":"crm-lib.fasttrack-solutions.com","ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-28","domain_rank":1905587,"first_seen":"2019-02-04T20:13:24Z","last_seen":"2026-04-17T00:46:59.456821Z","alert_count":0,"request_count":5,"received_data":2968073,"sent_data":2439,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"icons.gallabet1075.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":12,"request_count":3,"received_data":213961,"sent_data":1510,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.blocked-domain.invalid","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-23T13:18:05.8073Z","last_seen":"2026-04-23T13:18:05.8073Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":1028,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":2,"received_data":5296,"sent_data":931,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"eu-swarm-newm.gallabet1075.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":1,"received_data":1445,"sent_data":571,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"www.blocked-domain.invalid","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-23T13:18:05.821244Z","last_seen":"2026-04-23T13:18:05.821244Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":922,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index.769yoiwx2cdm.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b91c8b135f17b3670718a017fcdb3c90","sha1":"14bf0d508e6bc0f79a09e645be9e75a88c39e66a","sha256":"bdd852c0015c888ee1109a9d941e1678fcb4a86ccbb3972e8b667f11c6a1ba93","sha512":"4aaa6df6b29bf82325ac3ec103c4f3304ee8b1de4ca29a5ef0a64c1f73e1fd9a8f4f32b0acdf42698fd8fedb0453134496543d1c5dcc9dceb8f430f284da634a","ssdeep":"192:gtqC7TOEkpEIjIcteLw9RND+J653Qzo+FG11/gvz/g4UciIV:gtqC7bctR9RNW7grgzQciIV","tlshash":"ddf1d7a0f6b188fc13e6338531fe8f4074e9211a780e0455a93c8fb42be5ccb2552b72","size":7529,"data":"","first_seen":"2026-04-23T13:18:15.364876Z","last_seen":"2026-04-23T13:40:26.036238Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/firebase-messaging-sw.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","size":1125,"data":"","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-04-23T13:40:25.963691Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","size":82913,"data":"","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-04-23T17:39:21.185574Z","times_seen":50981,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/AppSettingsButton-VpAExZZO.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b10a9d03e1e17e641edf61e60ea544d","sha1":"21b9c8821975babf963be8d0f702debaeb5e5209","sha256":"aac5cdff48e2bb77a4163e864d943dca18c8a1d3c9415d6f94e1f97baa73f860","sha512":"9ec0a37867716d6efe94a08e7b9034157730ffda234ddfa64318b8ed73e741baca6c71aa48b0cbe524150f58cead6d70b9a60ae3b10e7fc3f88b29f4f2a78418","ssdeep":"","tlshash":"c3e0c08b9192d3fe13e22ee2c51fc6057e566c38c7459a4140bc50a137b4196818ff6f","size":385,"data":"","first_seen":"2026-04-21T12:24:48.935309Z","last_seen":"2026-04-23T13:21:42.10783Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/userJWE-CerqSAJV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6bfddb48b2778d704fd45ab163c323d0","sha1":"c7076e4f86f6f67894ace0e0d52089ca2688bf50","sha256":"b2bcbb09422f18e8c1958ba892073a808a3a1d889f77ccca9839773ce2396d21","sha512":"dcfe4a77850260272afba1cd0d9ff1115f6f12b414f7a2c447dd8ae08541eb6fea5abee46983f8c7fe0e5fc5b0ae25682f8dbbb8ac77e8ac1fd71f438aa6f061","ssdeep":"","tlshash":"0bc022db088411f785582c501005dc52827039146298d3415a1883aa6a6100bb10ce14","size":193,"data":"","first_seen":"2026-04-21T12:24:48.900566Z","last_seen":"2026-04-23T13:21:42.181921Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef55c2917fa4b612d40fa52cb9b37853","sha1":"548208300127646c9b1c4fdbd48f339529085cc8","sha256":"c98465427daa15ca6b0fd2babd8a0589f0e572a919ca414e6feed77469db117e","sha512":"085155ed16045df9fc364d150b803ee63ebf9e50a4f0c7a26ed9b8fd0588702237320fe15a0fd4ec0bac12307303872abb39f089e0da4648979517beb0a75d00","ssdeep":"3072:tiEIYgAYqhzhT9dyWFW1WfifM4AOqMxzjQi4IzxLMz9YZ15:tXyWFW1WKfM4A0xvZLMz9615","tlshash":"c634c69df186b47606a37130501f320af23a685ab45ac4d4f636d8e1bd789cea133f79","size":241661,"data":"","first_seen":"2026-04-21T04:02:24.315761Z","last_seen":"2026-04-23T17:55:40.617896Z","times_seen":772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2c191b46b99e357a939a4a4b8c773c12","sha1":"3401415118bc2649e837edea0005ce70f99322bb","sha256":"b1497fa9daa91f85ecf7c57cf8615ded12e1e9667f07ab065133e14c39ded42f","sha512":"ae2b121ade5f07d63432308f0f51921ac0f6193b09dea272a3e61c220fa810ff129ba67ea1215e89b0e0ee9ba71b8f32f5662d705659a7879a90e94ae9fd0bb2","ssdeep":"","tlshash":"f9c080451654dcf462571d838619d801d54c4d6d73f4f9d0bb0c8d51021559b627df57","size":178,"data":"","first_seen":"2026-04-21T12:24:48.947675Z","last_seen":"2026-04-23T13:21:42.199489Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BiQikUyv.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"deb2bc343aa9a8d846a7425f8c723fdc","sha1":"fa5405df41e25a937a2df828f36e23a4be4cec0a","sha256":"f59f3c1f99a2af0128f4abb905678beb0dc8ef050bf11842a92ab7b6c55af7d6","sha512":"9f325203abd96b66d92c6d748fcd9e1d0e89acc9c31b0486543c3fe5a4d62eb4c3e7b11e4ded953357f1c8d85f9c9c3803cf15a4c142923442293b470fb12f2c","ssdeep":"384:pMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJW:pMci408FFnJrIjE3D/OY2E0xqpc1NKkD","tlshash":"0d820ad0e2b4f7a642e86add80392074f2258c28343dd0f1b6b6ede970664cac56dd37","size":18027,"data":"","first_seen":"2026-04-21T12:24:48.908249Z","last_seen":"2026-04-23T13:21:42.179333Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d894772cc8ebc08c554e305272fb743","sha1":"9630696cfb8fb02d834b6c2d590ebecc9e4c1971","sha256":"8822f04d16fcc6ebe390ead32df5d08238c7c383f466f401ebd9d235d32f434f","sha512":"20c22c322a8e6d0cee22113e4bdef0fd06e8b21ab65665bf648a3dcbe3857fad121cce2043bc46551247f2f88af76efcbc8f3ba5053a820439d0383342fa0728","ssdeep":"","tlshash":"5e511f3506b31521036b206c3babe316b23ad2433548f5457e9d93015f45f79d9b2bde","size":2492,"data":"","first_seen":"2026-02-24T14:23:51.4869Z","last_seen":"2026-04-23T13:40:26.102256Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/withPanelButton-CZMGiM-x.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f4d15b1bfd3e75dde9577068cfe0fd2d","sha1":"77654457476f7caf254ef7bb2b5f00f7ceb41661","sha256":"ce48c81643016988a5bd0dd25411546e92cb88e93a881fbb28be7e848fdd93f0","sha512":"e412e91e3edc4c462aebcb09787ab705a6681ee081ed314be4347d7952e6e2e26237e5a46b93a69a00da19a53ec04c4684986be9a6db16e56d8d61d66eae2a78","ssdeep":"","tlshash":"d21112f4f580a9b2f4c41088577b2cb6319f32cadce1049021b6c8e91ff9448965e9af","size":1089,"data":"","first_seen":"2026-04-21T12:24:48.867057Z","last_seen":"2026-04-23T13:21:42.140256Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Firebase-CifH36fp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d23df4ffc78896569b07187cf4a48d32","sha1":"e273ad423a635ff19510aaa37ac6463bb6c1a27e","sha256":"e25409253f5c5bc35aec45ef960561be1d9c89c60bfde100b52a181bc11c0e18","sha512":"f636a22cab13b3cbc6ef726f2561a4e2f15526b44fb3f07a97e1109ef0013af95d9ab3167b6328523599f7f106c36634ffd2548d1c454c4892dab846dc5c093b","ssdeep":"1536:H4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Hs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"cc83957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","size":84095,"data":"","first_seen":"2026-04-21T12:24:48.879237Z","last_seen":"2026-04-23T13:21:42.200059Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/tr-BJOLX3p9.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"848dac39aeadc83e3e3db257768fc109","sha1":"70882ae65034895049706536f339a84a05a38681","sha256":"4f7f017d03e2ca9f07d08eca3090c1bdff99623e91bb0e5dbb1f63be1f4456ab","sha512":"558018a24b150f92bbfaec01d53da786ffcacc01f08edeb4e434a13c6fcb2249a6bbbe058ddfb9295247187fe024ee8fd2e00ec5f5979fc2692fd2d1840aef04","ssdeep":"","tlshash":"9a31728d2946ebf28b011887cc2f4f04f81c2a187035f6605ba0c461ba709ee807ef3d","size":1459,"data":"","first_seen":"2026-04-21T12:24:49.066623Z","last_seen":"2026-04-23T13:21:42.206211Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BEZjG7h8.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"51389aaba7e6ebbdd63dffdbae5bdc90","sha1":"e796b04617f2796b15630785ea1c29a781a858c2","sha256":"70ba85f8e51bb3ad5fe0dde119467afc4d5d3a30926146a6c6003cc10b33ff13","sha512":"ad79ee119859aa7849228f8dda55d8f25d5313cbd372b9af8c921ee5158e489eee7a76e9069b82de1b90fbcfc8c085cd266a77177761d9a3e734d4920fa2e2b4","ssdeep":"6144:2feL9y0h4R78o8e4Y0IALoh6wj9Sd51jjVvFa7IRcDGRD6On:2mJy0h4R78o8e4YB/j9e5xa7IFROQ","tlshash":"43240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","size":221144,"data":"","first_seen":"2026-04-21T12:24:48.855058Z","last_seen":"2026-04-23T13:21:42.152893Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-DNoJruNH.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7dcd3c17ffec3af71ab56d113ac4c8ba","sha1":"8091491c5770791fa28e7aef0aeda85aec3a387a","sha256":"7acab49a2e3d824dc194d2eee3402945bddcbf42026240627ca8d9ddd108bc23","sha512":"c01ccf0217c328b24597c1092795b3bc4730b84cc7fb72d2779cf10fbf90b5510d4c0ee622ef7009a10b4dbf7b185450b9e45bf6af4399a77a07e64fda5658d2","ssdeep":"96:z1SftCFV7h7FHpokS73s91v2InwLRiTCHUgAaQKFu0FdWpA6u6PEDdxrOq+IHv2E:2+kiOHva0FdIuSEDdxP+Y2j8Eu","tlshash":"56c1b75631906530c6d344a6914f42aeef3e6638f00f50a0b23f9c6d3ba1515d6a3ebd","size":5948,"data":"","first_seen":"2026-04-21T12:24:49.074623Z","last_seen":"2026-04-23T13:21:42.22463Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/anjou-js-proxy?seal=02503637-3458-4264-a556-a663e82c28cb\u0026domain=m.gallabet1075.com\u0026t=1776950255182","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"007c145028306eabb4a2555a0a82c1fa","sha1":"8bdfff8161632ad451ff7240a5f33570f00dc09c","sha256":"cf8aeb24cdb79c796c17f32df387a0c5bd67eb77f7cae228529b434105c2e1a2","sha512":"ab45a927a69b94ff8caa3fb8297c157cdf7c94b5929011cf682b76db8f60d3d1ad66d2eaff9ea1b4d36837a21400250f538ba8bb0f0a534ed798a0da1cdd3d22","ssdeep":"","tlshash":"5d5188ca7ee441e933bbf5ab696b20ecd23b64c737d14899773444a07b00e34ea96135","size":2929,"data":"","first_seen":"2026-04-23T13:18:15.355847Z","last_seen":"2026-04-23T13:21:42.210368Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7dbbe1a7d40a4a855e0411c1a19652de","sha1":"c5af0f3dee6aacfb1b2cf8ad41c734f8039bb3a0","sha256":"7370b77a09553209c1fba44947bd713c2f8d842a282e296200398c4dd4c7afb6","sha512":"dc2ff9d25cc20706eb4719c0fdebc53267e7649d8a0d42b76d6a6eb96c4f0ff08b604fd2aff94db12a629bc08ba6507bb8a34cec6dd59bb42dbc5e002ce921ff","ssdeep":"768:HPZ1UbN3aQe+roEuPT38WwK6PhWv0Kh4y6QewkNzy2mh+slc38kCVoO4kB:vZObNKQe+UJPwHQe81h+slcCVo2B","tlshash":"1e73b78db1d2bae94df32021535b3604f23b1974542bd484f7acedd52928b0be227b6d","size":75126,"data":"","first_seen":"2026-04-17T00:47:10.101067Z","last_seen":"2026-04-23T13:40:26.026675Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e1fd56881e603bfea6cc93c10b24bc6","sha1":"faad055fe1c9f8973ee196f6f2516b5330da3eb4","sha256":"b633712a574025a2652d96a1661f7df6f46d1d078e91afe33bf807b67d8eea1b","sha512":"8f806f63b4b03f201b864bdd05c93bcdf03295f77c698f4f78c5bcbbafc01e56cd440eadcae08f880c9c23ef4792cade6f4bcbb4d6a1ca630f3d8f674c364fdf","ssdeep":"96:zNC9Hqt7pEma7hY/rcKAJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYKLRIvgx43nVY","tlshash":"e1b1859af247b456c156225150ef3b1df33a281ca61ccdc4a66965f218784cba077b39","size":5261,"data":"","first_seen":"2026-04-21T04:02:24.321466Z","last_seen":"2026-04-23T17:55:40.603243Z","times_seen":694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"585323c7107bc10410961b74e1c9e4e6","sha1":"3cdb46391a560121b5e594ec3fcd8520e1c14a9e","sha256":"61fd6d8e0505ae224718e61791fb4358222c0b577e69391a0f780da30b08b9cb","sha512":"e267e688fc348acd1200f0c467613110078776e47b9aefe93ee57a22d62ca0cd3eca3caa5e5e97ea65a512f7e45281d82a07ece1225cd2b32dc6bdf52e74ff58","ssdeep":"3072:2u82gJcBg7MO79bp9t0fFA+1/hnWwet/NoZmg55+5Ar6VKkOPGWS:jzicBg7MOpWK+1ZWweBNo4++5Ar6k+WS","tlshash":"9d744cc8f193b0b946e2a2a5009f5207737b052968e88494f574dfe968e8d5c637bf3c","size":348599,"data":"","first_seen":"2026-04-21T04:02:24.325062Z","last_seen":"2026-04-23T17:55:40.631608Z","times_seen":772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GoogleAnalyticsTracking-KNUPbQw3.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"55bab6325a5888c90cb320027d1f1674","sha1":"f4b5521240341ca8b7868c02ca44d6e52c4bfa01","sha256":"0e621617c4fad30c06041e2a9753a330e3afb517dc0121e2885ac32d6280f48b","sha512":"568e913d1d6e906d1e67c4c9fc922f7dc21af1761e839c4e0fcfc49baa2b3c88701169d96af31c89021f9c32e8fda6c2e60081c1995c7c2128aba5c71994957d","ssdeep":"192:QWYceR0SE+m/CTb3bHXCT76hYMGE0VK7D6L7kBNrnPsh52tJz2PM7mBE:xYcoE/CzClEP3BkS2PdBE","tlshash":"e552b55c32adb0b682df6054587f720bf1755910a458f480a275edf46ef8cae02abf36","size":13706,"data":"","first_seen":"2026-04-23T13:18:15.267749Z","last_seen":"2026-04-23T13:21:42.132957Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/67f6eba3c3ea8019132be7be/1ioe8gtih","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3653212a9a168e28e23f7a0ff982e6e9","sha1":"3c886b5155bba5096d5b7b08e368e6efd7fa6e64","sha256":"9f36dd77f4bb4fbe3b56979cae0b0357c113512c3dc73c58987d2a597cb8a163","sha512":"a123769ab073b6d06d72b4593c7becd151cb13b5aaecbfc593910b87ef284a1ce16fa1808cc0db425bb631e96427d6fa3b8c12637ca6df5e5e11672de676197f","ssdeep":"","tlshash":"9c41dfe35b4f1c56926410e90ebfbd4fb87a60da46e8ec924708081277596ad2b8dd28","size":2123,"data":"","first_seen":"2026-04-23T13:18:15.3848Z","last_seen":"2026-04-23T13:40:25.967697Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/InternalDataspotTracking-ByS_Jx8a.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ff30fc004e44de041a044c35fc2b56e","sha1":"57f366335ccaa3a2fe8cc7f65fd4b345f2dd52d4","sha256":"b95ded52ff9ae61ef4cfe8b4f42da2fe291b68c55a516c1d7ab64a2d6f811a3c","sha512":"627a1ca75e980988dd8ddf3a5999e08dd02348f3d236f2e95c727cfe58ef95499fbe8499bb51ced9574f0f029d52163a1442cd62f3cb835385a4cd1cc5896587","ssdeep":"96:04W8ZUCVtfzEr2Cv7CvXvqvxGr9qCtz2T7TGgZQ1bZfQ41+pnys9OtmksEZRtifD:04W8ZUCVtLErNvuvXvqvxGZpFCHVkdYt","tlshash":"1ca1740fc83c04747051d5dd587796abc2bc7c9a91c0c8f0a03b9e6a521ad09dbf6ea7","size":4865,"data":"","first_seen":"2026-04-21T12:24:48.861306Z","last_seen":"2026-04-23T13:21:42.112089Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FavoriteGamesButton-Bt6bZ8ts.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aeb81ac9f4671bd1d0a591aab0baaa5b","sha1":"f2056b313243905dbc9f28e6abc82a26651cb55b","sha256":"91dff9e0118d29a63161b6cf594b615ef2cae5aae3c81301d5c0a669cb1cdf48","sha512":"7beb316d344587f55f7f855735a549295f1863371fb579fd4c6eba64a34488731cef2ac850bca53dfc3bdf9c23f8c19c482f97be437c9bfa952d02f5cce415a2","ssdeep":"","tlshash":"cfe0a34ad049d2f927431ea05517c4242426a47cd758e590409e04643a71466854ee6f","size":427,"data":"","first_seen":"2026-04-21T12:24:48.868475Z","last_seen":"2026-04-23T13:21:42.082172Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveChatAdviser-Bp3CTXDT.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"800b5c6e1bdead95b25d98cf6c0cf4c7","sha1":"c942a5b28990f674f7453d1ac046dd0314c7db60","sha256":"1ed6f531cd6a3bf87def4a9ae8274512bdc3fe802326da9b35a7fd4efb605ca5","sha512":"f042335bc7a0f05f9dc94e0c8dbd22136a6bb7c71797394211f5f2b99a8ee66a9bd1baf93f607b8021a509ee1f063d2629961a9f3f7f8923188cafb3dffd8327","ssdeep":"","tlshash":"b01152d5f0c2e3fd6667284dc79e2443300a4fa4c23d0db9807b15641a3ce0aa30eed4","size":862,"data":"","first_seen":"2026-04-21T12:24:48.971348Z","last_seen":"2026-04-23T13:21:42.216115Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/PromotedProductsWidget-Cld990TR.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"08cb1f32689e4b3699dbbdf78b9646a3","sha1":"63b34647cd0480f9bc68427fd6ac983eb54c7838","sha256":"fceca3553295edc93b8ee54a308364cfe42424abd7f58f9a4ce37df3870883ce","sha512":"bd56583809cf6e606ed445599c75a7dbb22df534e9588f8d479bb453f9366351d6bb37584893b2c8a03100c7a72afcb0ffb4cb0ed67bc8cfd1b84fe231ef913f","ssdeep":"","tlshash":"144173c2c538a37af63e4dec210550c43c263e24da7648b290b67d16a13d926fa57efc","size":2126,"data":"","first_seen":"2026-04-21T12:24:49.000596Z","last_seen":"2026-04-23T13:21:42.196931Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/public/proxy2.js","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1296781ea2c9cd24e19fe155b42373f2","sha1":"d7ce9dffbb2482bc2f3795cdeaa727d99e49644d","sha256":"de74ac92be5c23abac0e045e3380edf98b53abeb1abc7351e98ec06a71a01359","sha512":"3922435bb5f624625705a335938c57a7addd890b26905e7097bbed9882d0508fd10eacfd3fa32cf5b570deece89987d97773fc9377c68416dc03707c32e4af72","ssdeep":"192:0e/p461ScOtSD3FfjmfO6goK78IANjSLsZPiSLrBEpKYehsKs841+yUV22hhCsrq:l//Sk8fhPVEQGrUFAvRZIgUlM","tlshash":"ce92860e927b6123447334bc978ba146be1150971d0acd847f4ce394bf85b6eb6b27ac","size":19498,"data":"","first_seen":"2025-12-24T22:39:16.372563Z","last_seen":"2026-04-23T13:40:25.960884Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c2091a992e4303600967e53388cb5c8","sha1":"70cb06404a117829d3c53f5890077f5ff82957c9","sha256":"52edf640b5358d2e388d34d85bae2bf9973c26383165c4187da4e98b7703233a","sha512":"4d379fa96658dead5908f119d36ff91db8ec34d145fad5888370bd681ec575615351eaa0336fba48e4ad102b84e07881286bb1a958ec15ac36f86677de149d15","ssdeep":"192:0CFny7CpmYbZTxcwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mCTZTJr40v0GF/LvV4hwsR","tlshash":"9332a6b7e0a1107ea316871c106fa610f61f6c8ab2561da5ba7ab46f900ddcfc065f7c","size":10918,"data":"","first_seen":"2026-04-21T04:02:24.334927Z","last_seen":"2026-04-23T17:55:40.636265Z","times_seen":694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","size":121,"data":"","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-04-23T17:21:01.281914Z","times_seen":77452,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/walletConnect-CiycSUBb.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","size":1998,"data":"","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-04-23T13:40:26.073528Z","times_seen":1607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/events-1g1c6Kmi.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"36da527a5cac4a34d0db7d9918e99fc5","sha1":"988fbe6bd49724f3c91089eb7d83d308c4c17230","sha256":"4550eb4e481ccfdee74d71d76d9e2331e2130a517aaebc1390016833a135d95f","sha512":"82f8ef57a5a79e627ee3585fa432fdbbfc8a8519c454b30a2b3602e9eb4eb0a8bec36663b1bf75327e7af4cdb3d3f6b93d7c6b16bef2329b7769cafc00a76499","ssdeep":"96:rd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:r3IM2sWMtBq6n3PzH","tlshash":"b3c143ccb38574b013e7e3abb07f520bf134a598740c5108b61aecf9696bd9a4126f78","size":6141,"data":"","first_seen":"2026-04-21T12:24:49.042921Z","last_seen":"2026-04-23T13:21:42.135149Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/if-defined-CWaLTnLW.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","size":53241,"data":"","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-04-23T13:40:25.935372Z","times_seen":587,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=493597","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"56a9a1fc282017f5069d416bbd3dc663","sha1":"71381a7b19fe123d86de52f9a777f47b540e04d7","sha256":"b3f8b98864b79b4818ffc553d0426ad57d766b69263e262a479fee636be261c2","sha512":"86bf512b5f0b2e7eb210d3067a515836298d494c379ad2c01a535102c0b6000e4c201aa4e86350c1309ce2a4505b8c8457f94294c406e649097a612ac5f297f0","ssdeep":"24576:HlX3M5UTRlXGmUVHnehOsBhCh1TTGrAJ+o/Ce9xGHelXOLmUl/V:HlHM5UTRl2mUVHnehOsBkh1TTMAJ+o/k","tlshash":"c7256d9072567434c37795a260be050c733d5b036806c6a8f2bc99a92fd7c9a627bf7c","size":971549,"data":"","first_seen":"2026-04-23T13:18:15.406147Z","last_seen":"2026-04-23T13:40:26.049922Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/tr/","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfb8f594026c49755dda719b8f3d5036","sha1":"8ab4e704f3f901dde225cb5eb3029292d2af5688","sha256":"07bba7dac43e959e4a3be2232d3db4c2b926aed07c1c05aec66d9eca35339c57","sha512":"5f8ffdee477aedf5a17204077a4d9e6aa19637c9dc260161cfd018983f916812c6a6edd8053a55ab8ffe87c0f21291c7a554a0dd0a48611caa6c32b9efc5851e","ssdeep":"","tlshash":"a1e0aba738134c7a79ab00bc6bf5a4643183251864088922fcedd0241f64a67cc1a44c","size":437,"data":"","first_seen":"2026-04-23T13:18:15.413557Z","last_seen":"2026-04-23T13:40:26.105672Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/lodash-CeISZwwN.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0af14a8381aa9ffb9041549dd564ae57","sha1":"b00695d65a43fcb3bce778d4fd6c2eb1ef739508","sha256":"91145be72493b190ca52499d5d945d5a187482cae6add0e36306ffc697aaf446","sha512":"44efa6d772b31bad9a9561c9fc66f0c962b06343a31540d5bc31f3c8aa0c8fda87df68e8466bc810e02085c12a24bb72ef8a7a1581f8f16859b6ac646520ee10","ssdeep":"1536:/nsfx6WucPPRwy0/KHP5c+LBza4t8jxjiFOre/U3nadtDoayvi1Ynu9gMa5joGAw:/smcl3B4eFILYgMdGIkpOuFM7u","tlshash":"27f390c835d7f0a183a7287440bf084bf23dad65a84cd054e1aae0ed7db8919d277e6d","size":165093,"data":"","first_seen":"2026-04-21T12:24:48.978952Z","last_seen":"2026-04-23T13:21:42.170008Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","size":151,"data":"","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-04-23T17:21:01.281449Z","times_seen":77493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","size":5504,"data":"","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-04-23T18:11:58.674847Z","times_seen":28972,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"64eda2185a5ff2799c5ae9f0d85dcf6d","sha1":"f458661a1d6bd37318bb439299cc5b0589413110","sha256":"4bd2e374a15591721b9040ba64af8f2059a63d5f1f93c6ea6629c8e29d1091fb","sha512":"56f14e941fc647b0ecb2bbb975e4be897b6ae90f47c128d950e90bdcd80dbfd606b39bfcc3e0437671da551c549b8ff223c11c786ff6b5b20be2ed1598a77029","ssdeep":"","tlshash":"52f002bb182021295c9514c7740e1688e0722a5bbd2729b3543344053468f8b2b6ab5d","size":603,"data":"","first_seen":"2026-04-21T12:24:49.109122Z","last_seen":"2026-04-23T13:40:26.105039Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/InformativeWidget-U7XsexQ0.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b33695d67c48abe85873f5bf86c00af5","sha1":"0edd914a4fb8b3b268ceac53a25775329aadaaaf","sha256":"e68f8bff445a41225207efbe87a76048f840efdc5a396eb5e20c59c1a8b7a8e4","sha512":"3f3f59e5635099172d72bbc52ec00dd07d215779f272fc3afdd5f18f6cd6b5d8130e8c445232c3665177ea4800b81e47ba8fc0a1671a8887ba2990e65ca574c9","ssdeep":"","tlshash":"6911b946f590d67eb0350dc44657c0d46a212de4cf38d8e898b53008a43410bb6dbfac","size":1087,"data":"","first_seen":"2026-04-21T12:24:48.922225Z","last_seen":"2026-04-23T13:21:42.143661Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GoogleTagManagerTracking-CdCbiusO.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5d9e93426ec57249fd88745e9754c532","sha1":"529a3ec4a06dca386a2993fef6d4cebac1491cb7","sha256":"9e37d98b3fb5dc90d44ad81bb553aca186d59be34d2517a3991be1595feafcee","sha512":"14b18f8a2e347b10614046f90e1b5b3c8c76c4f2faabbd918ec2c2ff7ac7a177776ada8f413921475991ddee5179b971df31b6aade5a4d3d2f2374fdbea1e53e","ssdeep":"384:wbiHYqBlsFPDVPoZVe5mze5IiWVyoxJUJF+FOndK3pqyuQNJg1F0TQOmJNwizwTr:oi4yKtoZVeo66iWVyov8MFOndKqyuQN3","tlshash":"12a2bac7f9a548a0b5bd1fe81fc2528635b1b69af49144707c9e7c0c223cc4ef2b5a69","size":21773,"data":"","first_seen":"2026-04-23T13:18:15.323347Z","last_seen":"2026-04-23T13:21:42.153679Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","size":1000,"data":"","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-04-23T18:02:33.557835Z","times_seen":36701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FacebookTracking-Di526DTV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1677c6d581eb780d31f16f54c87e7ef5","sha1":"cd18535059a569b9022672f896bb65a8079607c1","sha256":"c489bb95a03794f6e8af73883c3bad9f5a8095a9783421a209ca13ce31218da6","sha512":"66d41df0d890ca306b642c0b3f50c996aa4a562686627e35ce47c169dae512993f10ec0007c7ef2376b40d38b5b517a2b9c5119a5ceae2aaa82497c5a1fc8ec5","ssdeep":"","tlshash":"6401fe0f2c45b47d267c18b8d3bfd81426ba590e2a8b4595c6c789b9263454a40cef8d","size":680,"data":"","first_seen":"2026-04-21T12:24:49.081384Z","last_seen":"2026-04-23T13:21:42.206901Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/ButtonWithAction-DSAfkmWo.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4f4b4cf0623482ad6e165220287590a","sha1":"b6a866f3afbabcfadee5aa2e02f3f7886ee4a8fa","sha256":"5388b7316d931812f63ee58ecf67a9fd397a30258736f961919fa686a91a8aa2","sha512":"fe0f37dbc2aeb4281152419dd6962702fa59beb4a63fed2f8efff7c35f135bc6fa706ced3318313bb55a80ae282004208043ee64720cfcb0fb2f660e3f025498","ssdeep":"","tlshash":"72d0954f5441d3f903d37db0a12fc1212a155d64e7d48941804c1450373195d805ff2f","size":267,"data":"","first_seen":"2026-04-21T12:24:49.021237Z","last_seen":"2026-04-23T13:21:42.109803Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveChatInc-xfcbsjSt.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a23a3152595007dee34bdb1ab005e38","sha1":"6f9e4dd1d3ac1c2c7a25b3dc3cffb4facc178676","sha256":"636431594cccbdcad77265ee3c2031bdc1bfae03b70859d5a69e99e01a6d07c8","sha512":"cf1e244c74669b5ec1e9f22edbf6b702f72fa5c4774dd4ff68538430d661cb332fa6ce03f8715c2443710d29bd8d443e6231f2322aa76e8ba02619b327fb1c02","ssdeep":"","tlshash":"1b51979de03874b4a37967e6323b771f32165a14a4484cb0357c4f166a0b58b8076eda","size":3140,"data":"","first_seen":"2026-04-23T13:18:15.362972Z","last_seen":"2026-04-23T13:21:42.203253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c199dd28c0210b90a43b358644fe9f6","sha1":"54dd8bc2265fb1a30b18deed37b2041318ff6b92","sha256":"66ace4797cb7c73a99420a2763471f4bd182cab38f0ca27635c7fc5000a03188","sha512":"6b9dc20d585dcccff465f66b76f465bb7dc5547943b1676070c3f22b0e38fc6925b2c826876a22964b0b7ae16045d7a3d3b891a5b6c5f708f1c2485dacd82279","ssdeep":"","tlshash":"374195d936e4f9b6834318e1043fa016b6353976497be8c0531dd8f5bc79c45811afb6","size":2306,"data":"","first_seen":"2026-04-21T04:02:24.302032Z","last_seen":"2026-04-23T17:55:40.665392Z","times_seen":772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index.es-BkfTJV0A.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"14273a4e1f174468d9ad125d59fdbf95","sha1":"323ac744c931566d8324a88ebd619c69cabede1b","sha256":"497891c74b3d2f85ae305a4055fd2110ba81387895c6feb67338cc8b454f963b","sha512":"5e3ca72b4b96d9e498548295a2251fbdbfc8ce1bfe4e8bf503e340d06aafcea34b03aba178a2ae5597460018280f8783663549fb0a57c5dc072f67fff4e85619","ssdeep":"3072:bzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UBh:bz77jdU/7sJJMcvYisoljSFN1Nd6UBh","tlshash":"ad54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","size":295236,"data":"","first_seen":"2026-04-21T12:24:49.049849Z","last_seen":"2026-04-23T13:21:42.155821Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"914072ababccf9be7ab6560f2b73e2b8","sha1":"b0add509be06fbefa63c079e34fd852f53e7d030","sha256":"c49678dc6c2e1d77cc759665718d2559d4b09001e9705d5810ec7d6b431f5dda","sha512":"1a9ee5852d4befd559fb5a557aaa2ee96ca1a7b113e7bc391f71b0f2f3b32099c83d7d6f36bee253bd8168ab5d2f3128b1bb8e56abd3ef8929c533d918ace0ad","ssdeep":"12288:+iV5uogEvtEvvEvtEv1dgHg9quyqXjb7EqGDeuPqK3c8WsIJyZmoJwCFaFIFSAJs:puowdgHgfyqXEZFJTIPgKzYJRa","tlshash":"099554182a6bf3849409d0d7f9373d84c59ed19aa44764d24fb64bf31bb2352eaacd03","size":1880992,"data":"","first_seen":"2026-04-17T00:47:10.255432Z","last_seen":"2026-04-23T13:40:26.104428Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-By9i3a2L.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"638bbe2624d45a620aa2e47f677bd067","sha1":"7290b07a33e3d91bd741e4df10b762993e76d999","sha256":"ae56a0e51b078f39de423d1264d84543088ae484bb2aa347ade4e678b7be67be","sha512":"6f61132552164590d3612e2d23025f5d66c993e7b1145a9bdfeb5c1c4fe900f082f032c9188e942eb10d5cca1af34b449493c5136ff2e919abfa5db435c5012c","ssdeep":"24576:lVo+1lCzwqTwWJPwgi2DwWTgExZPq4WhcKAHlx:lVo+1lCzwqcWJPwgi2DwWTgExZPq4Whq","tlshash":"aa357d85b045b87997b709e560af1102b1391e00f44dc4a0f57cedad29bd849a2bbffe","size":1137774,"data":"","first_seen":"2026-04-23T13:18:15.415912Z","last_seen":"2026-04-23T13:21:42.248619Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SystemBetCalculatorContainer-DtyOsLF2.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee02509bc8771a663f7b3ccab6d13c33","sha1":"0fdde3e73867ec0f9289a463a5e0884d6d9731d3","sha256":"8ce1bd8828cd63aa0fc068abfd854b9c11a3c2938f9285a3dfcc823f932900c7","sha512":"b81178082f60d68ecc5565dc1bcd32a011086f33e2e50403c0cc7a71f8c5a81d6c912be2c3543b0e0b5d525c633cee39faea29f246b850f93971d36b91c0756f","ssdeep":"","tlshash":"b111bd575368de74859e0eb24989a4640df5430a5a0cfa28b9b54c3cf12949243efffb","size":968,"data":"","first_seen":"2026-04-21T12:24:48.901741Z","last_seen":"2026-04-23T13:21:42.221848Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/WagmiConf-D709ykut.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bc1cff1b4a88fcb7d6d511ae355aa96","sha1":"563de1fda53d30945b4e8745cb90e639ec4ee8e4","sha256":"4eff938056fa9f0de8c26d57aa0ab88a57c0855dcaf7c7369a0ff21a2e960fc6","sha512":"357be7810700745a6117be7eaa66f2439f05e435cefd3c7bb812a17f40816a600494b4f8dafa95ea9a844a6b2729d6f29bf2c035878ac6f0079801a690259df1","ssdeep":"1536:o2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPfAV:ZCaSlx5xG7NU+WEy1bP4v1K/XGd","tlshash":"39a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","size":100979,"data":"","first_seen":"2026-04-21T12:24:49.089926Z","last_seen":"2026-04-23T13:21:42.232076Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DepositCountTracking-C4f65rk6.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"60f8ccc683f8e04b4d2bd5b46692978e","sha1":"a92629bb533866e0209a7cb4c588dd6a6d9aca42","sha256":"d7ac00917578c665dc9c2a20814ea59fc1c8582fb6b59b1e8d6dc5e66f43485b","sha512":"479ef92d357834a97e1b5b778ae0d90836ebe97dded4b150de9c50b144d8002410ff0fcfaa510f6ede63b84a17023c376a5e0d55e150792c568d9f359507ea4d","ssdeep":"","tlshash":"9df0dd9b68b8d2e58a493a8472c6d8e363f0650dba5689c385bd4d4a0248012e4c8e1b","size":645,"data":"","first_seen":"2026-04-21T12:24:49.022744Z","last_seen":"2026-04-23T13:21:42.221091Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipButton-kdf82NBZ.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b8d21182d8c4b955630a1c97c1378bd","sha1":"7e8954c2467d6ea9892e1b4af8d48791da08b9c4","sha256":"53476b4d35bfdf0b19098ca1197216bfe0a8ff916b22208bcfb475f4e713657e","sha512":"cf38dba2382349c9bd2aae9cda8ede2399b559f3284ec65b4822cfe7613e4fc89803312e1fb079212afa7d617dfe9ae57ade0e750348e3edeaf3ae1e3a89c35e","ssdeep":"","tlshash":"68e0ab87c508c2fa07421d92200bc121382755bca340f98180ad28613b34999845ee2f","size":418,"data":"","first_seen":"2026-04-21T12:24:48.880755Z","last_seen":"2026-04-23T13:21:42.113809Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/NotificationsButton-yutPbShF.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1ba16059ba8b51b87752c12dc5baf02","sha1":"eec0024f63275d7894852e63a327a9c8bcfcb852","sha256":"894a01b86786005132f90c701034d5fec594f5afa2c075e69407fa2a36d76e8a","sha512":"660eb05e3e5fb79227b39b5f88fa5e3336e1982419d7fe69fc7c1fa636b486048c9f0901c0feaec07a401e59b12b0526fc0da8a0b860d855dc4620d3c7a0dab2","ssdeep":"","tlshash":"16f0264be554d5f417830d21a23fd015393b683cef06588004aa1c941330019c44fe4f","size":558,"data":"","first_seen":"2026-04-21T12:24:49.056543Z","last_seen":"2026-04-23T13:21:42.162905Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-Pd1BUwU6.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"47c51419dd5562f5792c0c7dc42e742e","sha1":"e204e73bc9976ac330b6eaf057843e350226728d","sha256":"4737ce990a50bb36d1cc20cace204ae3b3fc533c1d322dfbacba962c916b91a8","sha512":"331a871e9de89557ede808f0b73caa9342921b6c15421b8a413c0cc4433554e253d34dfa36e5eb7c780b3e4aa644263d8178d1ade25f9f3f4bc2248baf8e2fca","ssdeep":"","tlshash":"515132cba042e7f4bfe708e6819b10b074378d5cfe1b449092be58964958752e36bf4d","size":2923,"data":"","first_seen":"2026-04-21T12:24:49.051938Z","last_seen":"2026-04-23T13:21:42.230897Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dcc9b8d3d56a19e96ea9c75f499a3370","sha1":"f89d61f994fa18ed397750234723840a7a5b21a1","sha256":"30c2b0c7ccc706ffb9ff59ef64113a51ac481711c8a9a5146dbdf5faeb1bf243","sha512":"580301e9f1f6bca19b82685d31653621a57753350fe6589fbfca8d6c24f1cb1a4188d9290a80f2134a660c06c135058d7bd0c457ea7477f9c6b3dd5a454c7c78","ssdeep":"1536:BigMXSFu196wofTn32jGDIgaOS9WbaGlDluK1yFY5dZPkx3u4V5pfYMrlSf:4DiuTgQG/gZx3u4V5pPrlSf","tlshash":"7aa30a6ef091b47d8993d26120af3212f3363d55a919d0a8f234cdf859d89c9a127f3e","size":106298,"data":"","first_seen":"2026-04-21T04:02:24.282434Z","last_seen":"2026-04-23T17:55:40.619074Z","times_seen":693,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BJ21FeBp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d93ecfbc55243109c8742160b35e284","sha1":"5cc1c573dbdd97cd1d0e239ee4a3003a49f64094","sha256":"aab1b4236679b9462c2c99e800555e4f4bf526bedcae296c4b33af62be729000","sha512":"59545f5311a35a7aaffdf5a0d5c6a78740b3f08484da0e1f2bc38d6ff1c03bb7f92e04d2d7289a5278286fad774947b5aa9656cbe2c3bd6294dd5646f75a5d31","ssdeep":"3072:mQwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:VwhFHU4HNwFH7MoOWexZFHV","tlshash":"01f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","size":157556,"data":"","first_seen":"2026-04-21T12:24:48.87453Z","last_seen":"2026-04-23T13:21:42.219852Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/useOpenLiveChat-C_aqfNmB.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b05dfb053febdb85be596bac72b4862a","sha1":"05e34092259cc0bd17a16f95ce919d1687186383","sha256":"e057e75f9b6a8f950c34f20a901597768538f90750bdf6c9aa5e2766f1a6e5ed","sha512":"270b643403c3db3d4d5d86f4b8585a7a6abd2b0e16018c9ac98eeab83f48775059117acd45ea51a1cd5d93532df6d36110e0525784c7932522e8cdc2b2f78e51","ssdeep":"","tlshash":"fff0e19a4154ae7cc0c08ec1501ba5f85b3927a4740dc842683f7cca6864c0586fa847","size":583,"data":"","first_seen":"2026-04-21T12:24:48.870088Z","last_seen":"2026-04-23T13:21:42.13906Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameSuggestedEventsWidget-C2pyJjPN.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"751a6d9bdce905b3da67bde527735018","sha1":"6eab5e951f1ad5abf219a195b0064c1ed86a0fd3","sha256":"b8c08c5a6a2762fc27e6450bd245d830bf789c22e00d40948de00d520000195a","sha512":"9bf68d9935943ac61e80e726518f708f6cd5fb3da4b1486be866d273c6148578c2ce7957eac09fef9f069b8ba5005e8ab9fc55ee3180854c183261f23860cb21","ssdeep":"","tlshash":"2971c646e010aa39917741d82bdf3119153632b4b94353c1b63fca3123e2592ab9bbdf","size":3709,"data":"","first_seen":"2026-04-21T12:24:48.990149Z","last_seen":"2026-04-23T13:21:42.13639Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e42f0fadb3d2018d982139dbc5a9af2","sha1":"d12184ccaab5502bc156c188c297f86645558c01","sha256":"e161173c1acd3f82e0a41546fb7b2f376e79f8c27961f80d4461d62e95c079cf","sha512":"e90584ce35254420922b8419185fba82b84092230827ba7d5ce318b574ca4955d6088ab40101198b0e709f2eccf2856e276ac91ca2a63bf9e38f4fb6063dbb18","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCRGN//h6LiJq:SzP2D3SLi8","tlshash":"f2822ba6f149311bc925c751605f2228b33b19a9fa1ece7df2745cf245a8cc2906af3d","size":18392,"data":"","first_seen":"2026-04-21T04:02:24.316925Z","last_seen":"2026-04-23T17:55:40.610669Z","times_seen":694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0da3af.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"477a2a623a80ff8f0973f666737bd915","sha1":"74c39f31f294f54b947a9c2cba87722ff7817e5f","sha256":"9e74172aaebeb58804494741e8d7ecc910af78072e57a007f8e78749df40065f","sha512":"3ecfab73dbc492d60e250391376fa3c2e66083b799a6180e575bbccf3becd4092e69d827eca51422082e8074420408b46311e0a6479b0742439debe70d5cfbe8","ssdeep":"384:UJw/U5YK8Hx9KJ+ThWazJbUZDkM0kWEYPk6F+UtKM5eH:6+9KJ+ThWazJbUZDkM0kWEYPk6F+92eH","tlshash":"a552c6a7b2a4782d42379712308f3205f33b7d45b215da19f36edcea4aa84c16056f3e","size":14213,"data":"","first_seen":"2026-04-21T04:02:24.30834Z","last_seen":"2026-04-23T17:55:40.661449Z","times_seen":616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a3e94e19b384b80fd4132b3735bfc8f","sha1":"ec1475a09eda97a5622d7c5bc2d650c86314eb2b","sha256":"5c5fdf18e27f2ac8aa2ffbef0573c2280601802831df99d50ad86c51b57ef402","sha512":"84eefe0c0c2ac4755fbda71d622b0ee74447b5c1ffd35e740c1710d27b110167b2692ded7c311d5b8bef5360d24ad5f03382580eede0d9b6a58ef239b71fff2f","ssdeep":"192:/XKuPlMK5EbbbCWuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8n1xDt4atx5Ye4ymr//A","tlshash":"9ee10e5c39f394610a93351f033be115f3b6e533221eec41b9dc8968af54667caa7d88","size":6791,"data":"","first_seen":"2026-04-17T00:47:10.117791Z","last_seen":"2026-04-23T13:40:25.954125Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FastTrackTracking-C80GL_Ah.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"44402e6c809f993a91be813f29131dc4","sha1":"0671bbefcca323b5a50859522d160175bbe76ba3","sha256":"1d295d131e759ef01fed7c13a6c9c25b30a03064b0b29952ff8f0bd1c6c5257f","sha512":"c9dee0cdde4cc36a00231a4e2e5f5719d5263ee852a5b7c14884a31fa15d1e0e2d297395c45f6cc45ed61cc3edd1c1b039f26721354694350db91356b2e84945","ssdeep":"","tlshash":"5421410f40f482f93c800e4ea2e7e2a0967e5539702dd4a3b17a0bb82b1c245d3dac93","size":1385,"data":"","first_seen":"2026-04-21T12:24:49.030129Z","last_seen":"2026-04-23T13:21:42.195985Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DataspotTracking-BNSAxMZE.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a43d6d9db291e70d4e23f436096e894e","sha1":"64f14bdaec33bbf43977c9906be595d3ca46d1ba","sha256":"e24a59385db663e56f90b790d445a3cdc8a6f349d11f651b3d92e5362525fac4","sha512":"3df63a09575fc7247f89411684c94afdcd9e76770ff3074340f2c50816f89733d102a5038c5ed539f30076f271c9714471093afe3fd3d2e1015b10d913b8dee6","ssdeep":"192:rECb+cB+hnlqWkO+bNKb0s3LnBaCHJNvuvXvqvxgFzL3IuXge3AmYO2hU:rEq+cBsqViaCHJ5Q/0W1LnXge3gO2hU","tlshash":"4d02e155641e78bd6037d6ad0d4711a208387042e1339de076aacf5a9e399c28ff77cb","size":8580,"data":"","first_seen":"2026-04-21T12:24:48.85803Z","last_seen":"2026-04-23T13:21:42.099406Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","size":53530,"data":"","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-04-23T18:11:58.702593Z","times_seen":28824,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"OPTIONS /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-n4cd\r\naccess-control-allow-origin: https://m.gallabet1075.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9f0d2624dac15685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":3433,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":3427,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BEZjG7h8.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-BEZjG7h8.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2329\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=MRnpLwNd5GRpi36BNF4XSmso1_cpr1aq6AvmbPSQFLI-1776950252.7813969-1.0.1.1-TJ4JwUE8b1uLPq3EHdWyMHwJk_MVG0i6d.6DXv5RiySN_nSGHbohDeCoClg.hicjqzzu7K5ssz9mDMNluT_gZhYkm33jsoWOx82vZCoJmScCY30bSt9NkdBVlusolPfF; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8EOj0QmSAuzfve6WEfHgHIGnbtD6cFUK%2F8fQT454KQawYu8zQAYBDCOWZGFqq8CNprPSmVlbJjVeWZ06ByKjg75YoqpzrCDU%2BZ2QRdvG%2F6pjupz595DLdOnr58emX1Lc00MSSQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2626e9bd56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"51389aaba7e6ebbdd63dffdbae5bdc90","sha1":"e796b04617f2796b15630785ea1c29a781a858c2","sha256":"70ba85f8e51bb3ad5fe0dde119467afc4d5d3a30926146a6c6003cc10b33ff13","sha512":"ad79ee119859aa7849228f8dda55d8f25d5313cbd372b9af8c921ee5158e489eee7a76e9069b82de1b90fbcfc8c085cd266a77177761d9a3e734d4920fa2e2b4","ssdeep":"6144:2feL9y0h4R78o8e4Y0IALoh6wj9Sd51jjVvFa7IRcDGRD6On:2mJy0h4R78o8e4YB/j9e5xa7IFROQ","tlshash":"43240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-04-21T12:24:48.855058Z","last_seen":"2026-04-23T13:21:42.152893Z","times_seen":4,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BEZjG7h8.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-BEZjG7h8.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253080; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2329\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=WlCOMsPGrznWlROp16qnadR92_a4331yuFEAjlJXmEs-1776950253.150991-1.0.1.1-U_WsIOV06Gn3VbeJ572N9WMJEYdGqqiVElfac0Cd0q53UwPwS8NFmFw_Uj_FfNPAWSgh5SHWfZGNPAz6oNedYnVswawIWz_sm_iGdcToJpIq078aLC_HXJMl72MXcrwj; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gcoc0nhcSvE79WkPwXQeoo2hKanSrBAqKxqio5xRSMJopgOvEFfD4YbDoZ7U%2BjwIE3oVicahAgR4zRodP3Fm1oAWqQYMUu51mVtglZUzNbvWs%2BB2jcU0cY1Xjpz2DR2kfYThbQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2629ed3656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"51389aaba7e6ebbdd63dffdbae5bdc90","sha1":"e796b04617f2796b15630785ea1c29a781a858c2","sha256":"70ba85f8e51bb3ad5fe0dde119467afc4d5d3a30926146a6c6003cc10b33ff13","sha512":"ad79ee119859aa7849228f8dda55d8f25d5313cbd372b9af8c921ee5158e489eee7a76e9069b82de1b90fbcfc8c085cd266a77177761d9a3e734d4920fa2e2b4","ssdeep":"6144:2feL9y0h4R78o8e4Y0IALoh6wj9Sd51jjVvFa7IRcDGRD6On:2mJy0h4R78o8e4YB/j9e5xa7IFROQ","tlshash":"43240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-04-21T12:24:48.855058Z","last_seen":"2026-04-23T13:21:42.152893Z","times_seen":4,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/LiveGamesWidget-iPe0Z4pg.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254443; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=XKDEvxAC4CGpSoByOmN8OTT1vqxmcQ1ThoMtikmTEVc-1776950254.6205206-1.0.1.1-zEPf9UReafZwBcl0mmEKHiwQLRHsPotTo9qtAY3Iyp.5icPWZCFiydgX6ryoY6qbaPrcKuDGFCXF0qSVZep8s3Rk4Eikc5rBiuFEi7hndA5lNOQpQPjG8jUfUIw.aMZo; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hzVbFu1%2BrlmwvvLhlSAU4b7uuvDlH2Xj6Vf9gFlEgSAcPMsiMKRpSa0YIN7%2F4mcyP2z2RKonINVo51y8SWswbYZ4QdBF%2BadCqcluF3fTB0AVj3QmuuCl%2BB374pXXnSN5ajax0w%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2633194156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4060)","md5":"80c5d38349d2a6ed139d7c30262a07ee","sha1":"833fc61ce17f6130d18c3c7abc82897d611d4d5a","sha256":"bc6d5f152dd941af45d0155fdf80ded6632abd487f9251935f811f88ac156ce4","sha512":"fce1ac12abdc334ab0816baed265ed3d09a0f8c73f950269a883f2f6627a734b48da6f036cdd85cd46b438788a50143b8cfb13c733162cb171d2e77d9391dbea","ssdeep":"","tlshash":"fe81e887d0b891fd642e8ce8f1a4d2500a322a95d7b14710f1de0739136c299f61ef6e","first_seen":"2026-04-21T12:24:48.877327Z","last_seen":"2026-04-23T13:21:42.129705Z","times_seen":4,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DepositCountTracking-C4f65rk6.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/DepositCountTracking-C4f65rk6.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=OaQuBy8.dPEYhUGcY9Dv5OfnUePtMFi3TOZMbUwK8cc-1776950253.9412498-1.0.1.1-zr46DgH9RLDWpkvMQ7lIbtX65RgDSnixsP7pE9pn_X_qoRbCah7PlK_fOXJdcSfkPtbYIKoMtPFbTPnXPKdFzFfx9ai2NdgpnyOveMQ_7WbkeUPukWXvelQiYIKSxSGU; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yFDfDfHAeHCKkKvUiYIHW%2FiDiOMJ0qvi%2BNxdKxgrgD9AvLeWWBbP3S6L2tjuLC%2B%2FTImc98RSXvVyj4%2FeZNZi3xYt3SJUGvHqBVys9H8E58eupioURPzENID6eb90qTVL80Frag%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dda4756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"60f8ccc683f8e04b4d2bd5b46692978e","sha1":"a92629bb533866e0209a7cb4c588dd6a6d9aca42","sha256":"d7ac00917578c665dc9c2a20814ea59fc1c8582fb6b59b1e8d6dc5e66f43485b","sha512":"479ef92d357834a97e1b5b778ae0d90836ebe97dded4b150de9c50b144d8002410ff0fcfaa510f6ede63b84a17023c376a5e0d55e150792c568d9f359507ea4d","ssdeep":"","tlshash":"9df0dd9b68b8d2e58a493a8472c6d8e363f0650dba5689c385bd4d4a0248012e4c8e1b","first_seen":"2026-04-21T12:24:49.022744Z","last_seen":"2026-04-23T13:21:42.221091Z","times_seen":4,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/PromotedProductsWidget-Cld990TR.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-Cld990TR.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=gsNnUCHIasBZ9jqmWFwggXSWa0ing31kdl.VbH_yaSU-1776950254.1145608-1.0.1.1-q8_GFjzxBmgVZOgFmeEIKuqaAH3WnbH0OGHoS4nfiDhPAJ4z60oaDLgmkY3h.XpM_tcpNsHL0u_BkmdSn2U9qfsYz03Sv6kpno7Rbz.s3wSqn.ZcPnb1bnM6C6_TztUa; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B8PWK6vX%2B7G4ju0QgrQP6XW6s6PGSPuwzwdnq1j8H1jQWrwUV%2FRaQGBLs28b14nVVKRjbnd1BSrs3cCyHEdeTTtUiYA4uB%2FYbZDLkzQYOjH%2BJAhOYepod1wVdin6ZZx1Owo%2BPA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fccbc56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2126,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2125)","md5":"08cb1f32689e4b3699dbbdf78b9646a3","sha1":"63b34647cd0480f9bc68427fd6ac983eb54c7838","sha256":"fceca3553295edc93b8ee54a308364cfe42424abd7f58f9a4ce37df3870883ce","sha512":"bd56583809cf6e606ed445599c75a7dbb22df534e9588f8d479bb453f9366351d6bb37584893b2c8a03100c7a72afcb0ffb4cb0ed67bc8cfd1b84fe231ef913f","ssdeep":"","tlshash":"144173c2c538a37af63e4dec210550c43c263e24da7648b290b67d16a13d926fa57efc","first_seen":"2026-04-21T12:24:49.000596Z","last_seen":"2026-04-23T13:21:42.196931Z","times_seen":4,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/HorizontalSportsList-CG9uv7Pr.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/HorizontalSportsList-CG9uv7Pr.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=j7l_zgAlWLeJ5JudtSJ.435Arbo1J9H58SgX7h8zE1I-1776950254.1239529-1.0.1.1-OGuUUkS0SNss8zntCN4xiqYh776tsyqEzhN.MbHwwP9nh27N2OZZZtoW6ucQ9dlMOCwB.vsdiH3naKXGWvVhOaYAu7oYfjNQTQ5i0luC8hMacuXZXwgmrHvcPVejSsAZ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sJrXsbOwTAZWFc5suLIDwlw11Xo8EDZO6ne5dLTvG4Hk5d8%2FKOYlUREzWrbUtOhMM7VQ6rEJncOajb9abLheVmMuWD6e2YXXia8RPnq%2BmLiHhSWWkf1t5Hyi36Hir1cOxQe%2BUg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fece456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":422,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (421)","md5":"753ee192934290df27bf8701176d7761","sha1":"a8351c2e49e7f606ff2ccb7b00307c786af579eb","sha256":"a259f018ca326b43ed4403a43034a162faac3428e5e88c5154a4f8a32c608bb4","sha512":"c31bf1c798efdb234d594b705bcc3abff02e6dfe7871e3341a8078587775f653c52139f56a902545a185b509dc720f32b410589ce938d906b519d11b7a5cd918","ssdeep":"","tlshash":"8ce02b85d8628ef46a2a88efa95c24c46153057cef566a71d2a4921c1b7408bf66940e","first_seen":"2026-04-21T12:24:49.035577Z","last_seen":"2026-04-23T13:21:42.216813Z","times_seen":4,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/PromotedProductsWidget-Cld990TR.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-Cld990TR.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=IyYELwup.sSaeiUBrG4dKe_9zSjCF8uWPutMv0gyUBQ-1776950254.2035425-1.0.1.1-ithggDZchh74rW8PlB2d63.WOyq6hwqsIuDBbs.vbCkVUXBdeGm0.MISEi2qDjMfEOg1gSUmCsh8R7N9Y5aG0fiWLF66nn3WgECc7OFfIAb74WGW3F7pjRj6.pabAtoY; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zcZvgeSDK0miMhSQUdOaX3CHWtpDHwlOkxQtASP1PZEkRJUiM6izVP6CKKJif8HTzBr226AnBm%2BvydrvF2XqD7JTRKhQ8BQExipYXA1qiAgTROzl8Nej%2Bk9E9pCWaBxpaBZ%2Bvw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d26302d4356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2126,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2125)","md5":"08cb1f32689e4b3699dbbdf78b9646a3","sha1":"63b34647cd0480f9bc68427fd6ac983eb54c7838","sha256":"fceca3553295edc93b8ee54a308364cfe42424abd7f58f9a4ce37df3870883ce","sha512":"bd56583809cf6e606ed445599c75a7dbb22df534e9588f8d479bb453f9366351d6bb37584893b2c8a03100c7a72afcb0ffb4cb0ed67bc8cfd1b84fe231ef913f","ssdeep":"","tlshash":"144173c2c538a37af63e4dec210550c43c263e24da7648b290b67d16a13d926fa57efc","first_seen":"2026-04-21T12:24:49.000596Z","last_seen":"2026-04-23T13:21:42.196931Z","times_seen":4,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index.6hr6LgI6.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index.6hr6LgI6.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254546; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=d92_64qqZ488k_p1aeE3TqgbNefhjtBJuN8LfmRT7RI-1776950254.6842058-1.0.1.1-.imIk_.AGl_X55gCXHsqYwraxkX1ySKQ_zfY1v6SDHmG2akf8pQNSz2G7QYH0SvAvarhVDomJc6KvnTLI46p8KLdu86RTG2G47qyktbshsrCN7N1qtgp8GG.6aOCPh10; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5aMwPDmkpcEmA8iaEaJRTHMbNZbZ9muQSOvUwVTkOJtggqAR5O7Niv99SHPsQELEpA12wV1S6DV8k%2FXTiC0mCOKSh3%2F3xfLCYv2GtguVRTFblvzo4icus%2B9bwORTuraaO8J6Bg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d263369ce56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1251)","md5":"d03ad7d634db584e4aed770123954f9b","sha1":"eacfeacdafdf8738f325cba4cd9352bad2829a4d","sha256":"7dc01c1d9e89862143b3c4cc81a2255e63cdb8412bf7421061819919fc2c6bf5","sha512":"e4641ddc5f100aec535f0f87f4b4cf617ff4fe450de4ed993b3681bec62023646689f9f12edc7b03c4dbf21e0b98081e4e8dd5b0b0a13970fd25946f953bde37","ssdeep":"","tlshash":"f0218ad7190b14feba73a6bf454346ebe5238c5bce63114ab6c21729c4827a2422245c","first_seen":"2025-10-29T09:08:38.623149Z","last_seen":"2026-04-23T13:40:26.098519Z","times_seen":981,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/css/message-preview.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/css/message-preview.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 21 Apr 2026 03:54:35 GMT\r\netag: W/\"39f38fff97bceb6dd38d255228384ab9\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206536\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265d8d14b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54016,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (53968)","md5":"39f38fff97bceb6dd38d255228384ab9","sha1":"4f9d5ac34f834ec7f160fe555097691b45d47d39","sha256":"d9b57cfbaea5a38c3d279ba0a64a2fa0ccb499f94dfac8dc8845ac1c0f22f829","sha512":"cf1a36ed2530d962ee9a8013cfa3585dad4e85857e225c6a5670c92a574769d771b6a0f1ff2ae31c176ca078e7f747b704746996fe7dcbf826d906754e5545ed","ssdeep":"1536:fGUifm7kUdwddCriQiLc0Lg261F2BBCsEZf:J1V","tlshash":"cc3322b2f56710ccb363c22292d1f6bc202ae770d746ce96f427766c4ad12a63551fac","first_seen":"2026-01-16T00:46:03.995467Z","last_seen":"2026-04-23T17:55:50.578035Z","times_seen":21921,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/logo.png?v=1773142319","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /logo.png?v=1773142319 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 11207\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-2bc7\"\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=uW7sXJTTH2HYd59BhrWAslpmk5M7l8EigwGc7sxe078-1776950253.922441-1.0.1.1-fK6Cdb7nK5pWkAT.flH17LQO5riqDEc3A06Z6r2wCi60HCTjDbekAtV13BRr4BfSXs_ngjZifJ109jG5Jq_TIcJvg5_A3Wp4VuSZsFv7t152im5siAy9uNJ5PzJmokfo; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YDm6DKS8LOVNlVCLmPLJDCn6JCrSb4OhRDVq5tbjkUskmibTMtz8Q9C5hItor18%2BI8fob2b6lFFeQQK1ahkU1UaVAo1h1vWng6Ylso8Pfr5Yf5FDWX1lzsIeGgprQzrEcoV1Tw%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d091c56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":11207,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 120, 8-bit/color RGBA, non-interlaced","md5":"07435eae1f792873123ceaf56d03e8b4","sha1":"2d5bff4e74f8f098fe27f5d0883b4b767c57cf3f","sha256":"db6d4b5791fea04470cd762db779a812e6341957340b2a3a3e0832040b504d29","sha512":"32311cb25314e3a8c54bc7a486b5e20326c096413244025d5419ab254913ec4d085cac09dbf3c34939676903823dd30bee4a1ca1cb7f3d82d9215053357e7696","ssdeep":"192:ymSi6Gmmerb/9e0bjuq8eiaRTUaTjJJCVogmgjV3a8i0NCmN:yJi6GmVViZliUIyV4gR3aoN","tlshash":"8332c06b08f495d1b0046f56c266bc795590ee663038eb119cac0c77c42bff63797e68","first_seen":"2026-04-21T12:24:49.04731Z","last_seen":"2026-04-23T13:21:42.240003Z","times_seen":4,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":392,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveChatAdviser-Bp3CTXDT.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/LiveChatAdviser-Bp3CTXDT.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=3biEgH409Z22jAVfUpBOWG1hh44JXBn3_c76t3AKF1k-1776950253.8935688-1.0.1.1-NHRhXdQe2.rlbTW8FMd4a7hO7Ov25YEEuxvcK5oJ5wQ72Zytd3Ls_Me8Ex9CGtEe8b3seszwCLyJAum_mBm8yaD1H8nuy1Ux9.WQVtJooWaamUIL2doPOIF0OM3mYdN_; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PKQ7kZCu9icvhLe3AABVqW4wWjGXWxgMxwft2gfE1SvytWgTj3YV0GEU%2FM0%2FeuGAtCysGOO65X8ogl5IgAcR8rPeswJ48NpODzThJABtARX1qMf%2Fx04a2mtaLEsfxvLHxiF6bQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262da9f656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"800b5c6e1bdead95b25d98cf6c0cf4c7","sha1":"c942a5b28990f674f7453d1ac046dd0314c7db60","sha256":"1ed6f531cd6a3bf87def4a9ae8274512bdc3fe802326da9b35a7fd4efb605ca5","sha512":"f042335bc7a0f05f9dc94e0c8dbd22136a6bb7c71797394211f5f2b99a8ee66a9bd1baf93f607b8021a509ee1f063d2629961a9f3f7f8923188cafb3dffd8327","ssdeep":"","tlshash":"b01152d5f0c2e3fd6667284dc79e2443300a4fa4c23d0db9807b15641a3ce0aa30eed4","first_seen":"2026-04-21T12:24:48.971348Z","last_seen":"2026-04-23T13:21:42.216115Z","times_seen":4,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato|Lilita+One","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css?family=Lato|Lilita+One HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 23 Apr 2026 13:17:35 GMT\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2f31f582a62929942285136edb852eb4","sha1":"ade05009e3f52242452d23f325d0d60eb2f4945d","sha256":"86d1d33f6f9e190954cb9cf8f930c7ce03e60bb102b64f2ce0baab352285acab","sha512":"2e4b5ff5cb64ede4c3e63e2477f156c55597e1c3ddd83d888fd96c66bf7cc6716dcf522fad19cdde2a4a564f530022feaff488500797d01f3673e52e295ddabd","ssdeep":"","tlshash":"6e31bf92097ba80497930dc212ce7d32ef1e62406845a825afff18dcfc67c699362b0d","first_seen":"2025-09-20T10:36:49.753015Z","last_seen":"2026-04-23T13:40:26.026075Z","times_seen":108,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":73,"dns":1,"connect":7,"send":0,"wait":18,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-6289ff8e.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"dcc9b8d3d56a19e96ea9c75f499a3370\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265ced08b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106298,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"dcc9b8d3d56a19e96ea9c75f499a3370","sha1":"f89d61f994fa18ed397750234723840a7a5b21a1","sha256":"30c2b0c7ccc706ffb9ff59ef64113a51ac481711c8a9a5146dbdf5faeb1bf243","sha512":"580301e9f1f6bca19b82685d31653621a57753350fe6589fbfca8d6c24f1cb1a4188d9290a80f2134a660c06c135058d7bd0c457ea7477f9c6b3dd5a454c7c78","ssdeep":"1536:BigMXSFu196wofTn32jGDIgaOS9WbaGlDluK1yFY5dZPkx3u4V5pfYMrlSf:4DiuTgQG/gZx3u4V5pPrlSf","tlshash":"7aa30a6ef091b47d8993d26120af3212f3363d55a919d0a8f234cdf859d89c9a127f3e","first_seen":"2026-04-21T04:02:24.282434Z","last_seen":"2026-04-23T17:55:40.619074Z","times_seen":693,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GoogleAnalyticsTracking-KNUPbQw3.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-KNUPbQw3.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=hEOQA.u.l.gEaeYBYB0nQVMlcnijm5rfcBf9Uya6giI-1776950253.9396093-1.0.1.1-Mt7IQRZg2IB8281nAEmFDqbjlxtN8s6WRa_vkk2yF4e0RjBs6HmYlKs4fa78p5guHraR7kuwP6PIx5yok.izK1147cclSXBV92h1fe.9TmzjppJPif7idlzLgvFsHeZ0; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IIIlec3JonMValACZyyo6jGVDwPMcBjwn3MrNhVKvxFWiYgyClkBPoNaYr5DBYLopnNavwoHHVoZgEl4UIMxrclj5u7Nbsar5Y0OHljTvnQIb1yMEDzcWUQ0mHWtOSfVOTzYEg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dda3856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":13706,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10210)","md5":"55bab6325a5888c90cb320027d1f1674","sha1":"f4b5521240341ca8b7868c02ca44d6e52c4bfa01","sha256":"0e621617c4fad30c06041e2a9753a330e3afb517dc0121e2885ac32d6280f48b","sha512":"568e913d1d6e906d1e67c4c9fc922f7dc21af1761e839c4e0fcfc49baa2b3c88701169d96af31c89021f9c32e8fda6c2e60081c1995c7c2128aba5c71994957d","ssdeep":"192:QWYceR0SE+m/CTb3bHXCT76hYMGE0VK7D6L7kBNrnPsh52tJz2PM7mBE:xYcoE/CzClEP3BkS2PdBE","tlshash":"e552b55c32adb0b682df6054587f720bf1755910a458f480a275edf46ef8cae02abf36","first_seen":"2026-04-23T13:18:15.267749Z","last_seen":"2026-04-23T13:21:42.132957Z","times_seen":2,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/NotificationsButton-yutPbShF.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/NotificationsButton-yutPbShF.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=e0TZfcXysLXKoLFXaJmfPYLkPsqsHMgAFfzkEq8GCjs-1776950253.9302225-1.0.1.1-WzunjbMynjWYcwoBd1YGixY9AL.a6ghI_T5Mjq9B8PWsvdYGheWIA_sTBABY0wfPBrR9UVo8BX0mQqElv_sAO3UgkyeQ.B2uD79cGkK9ykbFcgWRmNYnehLb2mCgXZXY; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B0ihGR3XqJ9SacMuymQiO%2F%2FxUtPsTtPS%2FzluwGvEj20eEZ%2FTBEUMgvafIujqGxuBmq%2FvF4yu1xyvhS49kET%2BxvEGAeMTF5aNxaJsR4srWA%2FQPScWyS1NSFW2kkvNawCXVpXWFg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dea6056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"a1ba16059ba8b51b87752c12dc5baf02","sha1":"eec0024f63275d7894852e63a327a9c8bcfcb852","sha256":"894a01b86786005132f90c701034d5fec594f5afa2c075e69407fa2a36d76e8a","sha512":"660eb05e3e5fb79227b39b5f88fa5e3336e1982419d7fe69fc7c1fa636b486048c9f0901c0feaec07a401e59b12b0526fc0da8a0b860d855dc4620d3c7a0dab2","ssdeep":"","tlshash":"16f0264be554d5f417830d21a23fd015393b683cef06588004aa1c941330019c44fe4f","first_seen":"2026-04-21T12:24:49.056543Z","last_seen":"2026-04-23T13:21:42.162905Z","times_seen":4,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-RegularItalic.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-RegularItalic.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950255167; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 78564\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-132e4\"\r\nexpires: Thu, 23 Apr 2026 13:47:02 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1832\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=nshO8DW5pS.COMw0bWThz1a29Jhp9sg668eywQQEehU-1776950255.2412858-1.0.1.1-UtDGg7FMfvm1d_iIuu4x.FLTwjRFZG6KUsl7ay21hrVuh5JIWKb7kchszm3h9bsFczdZXcez7VtGdc9GnuUiHWQ8bTVee_FY7QE_HO40ApEVv_npotw.2.BxAB1Jvarr; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RuY22yFFcSiNxh84VVz1%2FZdIl3uibstDDQkf3ECtTfQRM3L0KsP64As9HWlvk2AdN2OWeeydUrfg4a2cEjvnzEEp%2BCUIZF%2FLSrOgNj27c2Ee%2BnW8S7IhkVQGSXN7aVQX69t8ZA%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2636fe5656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78564,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78564, version 1.0","md5":"ffa03f9099e16b1ed1a0158f01961b69","sha1":"f1b97110bb1dba1c8985b4c48fcc8f5c9cdb3e98","sha256":"84d373e980d8f7d376e80725c42737d1f76f34bdaff56575c866ffe61916263e","sha512":"e57c2b94d74e334cce5a9f880442efd3a3b90eb91b09b2384d3c2c109e087f51184a4a34d248ac980eee963d5dd4bf23f09d3032fa85310d925cbc2849d5199d","ssdeep":"1536:TzGsd78QYdAOQGSmGmOMz0En342rWzm4XAFVZ2lX8z31t6:TaQsAOjGmOw0EIq4iARqt6","tlshash":"f6731260bc8f5f5878b48e2c73ba52a89ff54c0824167356697ec6238f99344b24e74b","first_seen":"2026-04-10T06:10:39.548975Z","last_seen":"2026-04-23T13:40:26.04146Z","times_seen":20,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/firebase-messaging-sw.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:29.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /firebase-messaging-sw.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:30 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:12 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2357\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=CI5oMigSDgfHUUNc6AN46YOgv48EGO0GDtP9U52HXGU-1776950250.1198053-1.0.1.1-fJV.Uj7N_a._gDXjcGLBBVy095xE8z7OL8G9r4BRCLLlCauJWbrFb87MXNzFqolx3UKrtuoL77ZG7EdL1IpOw9BHSTvbTrlRX13v93t1xds5YlQfMTZKS4e4a6_aoTME; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IJ24r1NMVjPnnWeEJnN47o13bBPLJ05nWDL9yVZfO5JDXB0zNgOLQqOpzQPGe%2B%2FlKGwq%2F8X%2BIFfpTeJbgqHVCHl2i6wcBQYabMpp3LCgHkvlN9yH0PJa%2BY%2Fq1PORy2ez8AE5LA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d26162c5a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1125,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-04-23T13:40:25.963691Z","times_seen":56,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-By9i3a2L.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-By9i3a2L.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:42 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2331\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=4O1MZoXMsHx18QyorX_opW5yb80l6bTggXKsjnbCczQ-1776950253.3823395-1.0.1.1-OLups7lH2YJP_mK_rJKiKaiMAsALxTynrTz9tEPFWv0ZghGVewI5ibFK1_S7Cahvx0dTJXrY9c0Y.WZ3mEQs3k_npB4tKTbmZz3uNLbxjDIEyds8sVH.GKVvqHgXU3jD; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GrthHABZSOyuk4mhehv8XRepj1U%2FHsIqu%2FqjVEgtfCZ5mgUmjabXULgkWhVhzfjO4hzXpuVdYjNfm3IKZ3FFakozfuhAZOyL8MR4iiGxM3yq19YOa7d9uSphlrOVztJX7KDlkQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262b5eee56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1137774,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (24532)","md5":"a5ef39b4b1955bbaa9d8931914abdbf6","sha1":"c6c4c2baecc68a96de72fa8e7f9df86e6fe922dc","sha256":"fb4f76fec46a321c0f7917703ccb22032259b175f7661e3e4bde4d870e65d627","sha512":"c6e08aa3c34683d424bc2856268c145932ec399bb0f0f0211e146fdd8ff24d3b7c4d0a9fca85ba081fd6d9a5007a2bce05b2eb3dbc29282e7b6ea38ed03755e9","ssdeep":"24576:lVo+1lCzwqTwWJPwgi2DwWTgExZPq4WhcKD:lVo+1lCzwqcWJPwgi2DwWTgExZPq4Wh3","tlshash":"2c257d85b155b87997b709e564af0102b1391e00f44cc460f67cedae29b9809a3bbffd","first_seen":"2026-04-23T13:18:15.270664Z","last_seen":"2026-04-23T13:21:42.184813Z","times_seen":2,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/languages/tr.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/languages/tr.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"b1c2a4d2b221a5c3df91a782a9958602\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d2631eb655685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12522,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text","md5":"d5c878b97a6e060ddcc4f14fac2c8f68","sha1":"8f1cfd2be7067d0f230c6a8e4e85f700611ac5d3","sha256":"205a43ac3282e1533a6f03102f07c4b6fdb957b777e85135585af927547dda82","sha512":"9f49e1e332fbfc76add070a561f936093d3c54d0c9e0de4bd92407fd31a6716053b5177d586f8300394c15f21d9d7b68c9f4a25abccb5190ec3255eb87be6ab1","ssdeep":"192:OyJZiyVI8zVt8yr174zUet94dgbIfCTLOSWhmiUSI8MRcM:Bil4r8yB0ZgcTLHcmiLMRL","tlshash":"49429519cd61dd5b0196a34bf4db1643b0a942871f20382dbb4c86bd1f8e9af60fa74d","first_seen":"2025-06-19T03:00:53.745119Z","last_seen":"2026-04-23T13:40:25.934718Z","times_seen":518,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-vendors.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"585323c7107bc10410961b74e1c9e4e6\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d261f2bbe32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":348599,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"585323c7107bc10410961b74e1c9e4e6","sha1":"3cdb46391a560121b5e594ec3fcd8520e1c14a9e","sha256":"61fd6d8e0505ae224718e61791fb4358222c0b577e69391a0f780da30b08b9cb","sha512":"e267e688fc348acd1200f0c467613110078776e47b9aefe93ee57a22d62ca0cd3eca3caa5e5e97ea65a512f7e45281d82a07ece1225cd2b32dc6bdf52e74ff58","ssdeep":"3072:2u82gJcBg7MO79bp9t0fFA+1/hnWwet/NoZmg55+5Ar6VKkOPGWS:jzicBg7MOpWK+1ZWweBNo4++5Ar6k+WS","tlshash":"9d744cc8f193b0b946e2a2a5009f5207737b052968e88494f574dfe968e8d5c637bf3c","first_seen":"2026-04-21T04:02:24.325062Z","last_seen":"2026-04-23T17:55:40.631608Z","times_seen":772,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=1\u0026country=NO","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1o8KSyu8e25XY1S%2FG0M00IXkQ9cAcy5li5ZJ5yX5IHgzckAHyp9tic8Tg24XnSYDX0%2BtdzgHVQDdoGgs3FJ9LbNjJ%2BqmQxIj68tUmUdC2LhvcqIcnVfEquHONOb3Su2KxNfbI%2Fjto8%2F5%2Fw%3D%3D\"}]}\r\ncf-ray: 9f0d262d6fb556b1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"43dfa1c019084a2c14989e86bd6886dd","sha1":"7fb0def9ba86bc2b460cf769b94379b420263485","sha256":"1bdf4392fdd5d05c96b5535705fea6d6b46a42dc167783da8fe90f42cfa4f81d","sha512":"e2eae1c1a2bc05c7f77e3028cd407b45a718221fe2cc4daef14f4879ea0c34870bf1f21aaf87e7d8e0b77557564edc5b1d6b6b4a8e2eb6a0793bfec2004e2c34","ssdeep":"","tlshash":"b0900212743591f36562f181252c2d027674b0806154c01c4d4c1968a7045673042428","first_seen":"2026-03-02T16:47:34.128167Z","last_seen":"2026-04-23T13:40:26.019813Z","times_seen":8,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FavoriteGamesButton-Bt6bZ8ts.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-Bt6bZ8ts.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=LIAcJ9CxNb62zJSeY4bvwhWaeUaBYDF4pqeyHmnryHQ-1776950254.0145245-1.0.1.1-6P6Az9JV0S1M2ELBftIPaxj9C_tp9iHQxRvtVh6DNvg34mtbqrxu9OOr1at0kNA8Vn4lTud.ywWnkxtvpb7jvKG_vJi1iMqjOEe4Wpkec6pcSt4fhE1AatOITiXT80DW; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IQnrWu8zstZBWKTXcENS19brCzSk5DU%2FWuMOkUZRJBSzjGap0FHWsZJvgNyCNvH7135WvnWn8wVwuzeoLYqfKQxn6rp739%2FFlqkoDxgOu2xta07cjvBvtbDzbCzUmTmCMP3fyQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dea6356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"aeb81ac9f4671bd1d0a591aab0baaa5b","sha1":"f2056b313243905dbc9f28e6abc82a26651cb55b","sha256":"91dff9e0118d29a63161b6cf594b615ef2cae5aae3c81301d5c0a669cb1cdf48","sha512":"7beb316d344587f55f7f855735a549295f1863371fb579fd4c6eba64a34488731cef2ac850bca53dfc3bdf9c23f8c19c482f97be437c9bfa952d02f5cce415a2","ssdeep":"","tlshash":"cfe0a34ad049d2f927431ea05517c4242426a47cd758e590409e04643a71466854ee6f","first_seen":"2026-04-21T12:24:48.868475Z","last_seen":"2026-04-23T13:21:42.082172Z","times_seen":4,"resource_available":true,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/JackpotPoolsWidgetContainer.C5xbwG7T.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer.C5xbwG7T.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=2XcZelNdupNdEKBaYg4rXNavlbXZb3XIef3hRyFCvns-1776950253.9253774-1.0.1.1-FHdBFCLaTwsJRlZx_rH.FZ.wsYkGI496Ljh0QPtWZkABvgLXt8ufAquf_5zlzRrPWFcpouX.KYdIA21KVpLm4I6LRLaOHx2Ier45qEkFkd8K7ZC1HwLcTKRKz2Nscikg; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=43NqbijYbn%2F2nR9sWZ0wQyW75m6Igk4Y9QSWxIWBll%2FFPz2afjoeV5g6VNOE3xvc%2BEvNhQlGgV8zy%2FWDnozBVS47Ixi5nBZFdFxzZUJsWJhEcIcJe55FI%2FggiM7PKmR18ERB5A%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262ebb4e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":7839,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7838)","md5":"e5810a6dc4d39ef75c921489cfd463c7","sha1":"5fc7f46d4da76fb2a42c52007391d21797d606c1","sha256":"152eaf9db05e66e0b7e8ad6961a68ed2bacc25204acec7a0cc81547e002b278e","sha512":"07eb19ac6e96b910645b4e77b14840bc99ed3c4be03c78a7d8af8449906dff08791eb2701c710245c329b38281b118d422921cb1a3272c97fa5ea1d1de06bcbb","ssdeep":"96:Xnxo6ZIBmmohvoDxTTFQPHf9bzsV/bV/YgV/FxV/QV/OV/tV/IV/EVSVqV0VOVB2:XnX1Xx3erZg+L8Pyw","tlshash":"bbf1651352ab33ac6eee6937a170e31c7b7c083dc7131559adaf124a4e9aef1061971c","first_seen":"2026-03-17T07:58:07.338795Z","last_seen":"2026-04-23T13:40:25.96652Z","times_seen":32,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Notifications.4YD1Ldex.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Notifications.4YD1Ldex.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=_cbFIud1lfGsSdpiDPOhSCArLTfSSQ.snM0SfovNZaw-1776950254.0185642-1.0.1.1-O5dWRIfx3aZDBRHeVKe3N5KtZZf43VNOQH3bKR4XNTteimnfNG8_GvSvMFuYTtMixedTlHNDINvPn5WYIBP57jXB0umsybteYhSd8qg2ps4F_rduyHWEN_BKIhl7GV5d; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fNKA6nyqjhyoKDO%2FseSdDYdHIc1o7PevhKmnHyYwKg9bL82KjDKibn2qthGG4FgxSsJdan5Bk3n6vGgu9Kf759rgHNMchwDUqx8mP79OcQSMVCniHh3y6%2FZei8In2h3j4r%2BLMw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c1356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":42,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a84d03aa0e4c29b941ffd9b99044227c","sha1":"fb904cdd18d8bd1528967e5294579144896c0e2c","sha256":"80b5ae12e0eedb3d97d894297c05b2e62671e47d6889a2f4596e817d0246cb6c","sha512":"16edb86c710d17c07400df8df18cda1591e64e3c9d5aead59d1182669ba48fedff014be44b35b9cca88fa15c3f94ae855bd064280106c20951b626f3aaf2186b","ssdeep":"","tlshash":"c49004570517d0d4f551405300d11c50d4d744cd0dd51151c7c1dc1d50c010cdd31dcd","first_seen":"2026-01-10T12:08:16.414391Z","last_seen":"2026-04-23T13:21:42.157147Z","times_seen":202,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/MarketSlider-May5T4d_.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/MarketSlider-May5T4d_.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=WIJ5wPbraVYjotk.7NnTRlP_nNts.93PBFWoVSaSp.Y-1776950254.8962793-1.0.1.1-Ascwuju4edTXSWPTadJOrynPTlC10s7KFZjwUlJ4WHij_3MunETCTAiJUVPfqZCmQPKGj83w1tqIQ61juQ76mtj4M1LUNlzZC1ZHL9CM5XDMMPshVHaEHXcM6hJ4TKi3; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6kyP1vSY%2FkCoxz4gp%2FWWFt6gONOfBzYPksRWx3s0lOC%2BDC1WY2G2elD3ywX1hd4b7v2d0e330qaRdq6KyO%2FWnhyr%2Fl%2Btkpczcqme579jB3oQk0qDpKwpavOKMdDifwi8ZRKShQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634cb7f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":4384,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (4383)","md5":"feea55c67b86227b96fac92790da896a","sha1":"1d76497c4a47bcd68cade47f07b90dfc4a31af93","sha256":"5ad5d6cbb54b9abd12c813e38b1885d8cee4e1fb39c4d768b6e94424281ccecf","sha512":"84ff6cf0d5307e322ee2187c4d0b3fb90d061d44b14d08c5a7dbd840e35921cac28c12c8ce7317cd30d6bb46b01382268ea12ba41350049915a3f6b7042f3208","ssdeep":"96:GeHcJa/LobULY+sKOqG/RdMZTuwZctcmXrc1IrRewlUmtRbOLDv:1HUa/LoAhOQ/ctXdhlZt5w","tlshash":"cc918888d039c86471698cdee1376f13a2703973ab7682d3f05b0db94364148d6aeeb7","first_seen":"2026-04-21T12:24:49.03677Z","last_seen":"2026-04-23T13:21:42.223936Z","times_seen":4,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org/sealassets/d88ac0261d204e5dc0a170f57ab2e357-galabet.winwingames.io-486c6ced63392226b7bb98bcb3a47c5e200f727c81d94d94704379de531211a4683f102c172d4031615d4a731a036011-c2VhbC5wbmc%3D?status=valid","fqdn":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org","domain":"anjcdn.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabet.winwingames.io/","date":"2026-04-23T13:17:35.448Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /sealassets/d88ac0261d204e5dc0a170f57ab2e357-galabet.winwingames.io-486c6ced63392226b7bb98bcb3a47c5e200f727c81d94d94704379de531211a4683f102c172d4031615d4a731a036011-c2VhbC5wbmc%3D?status=valid HTTP/1.1\r\nHost: 02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":0,"dns":71,"connect":1,"send":0,"wait":0,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/languages/en.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/languages/en.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/json\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"4662c7c182dfe30065936bfa05f8c773\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d26238ab45685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11595,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4662c7c182dfe30065936bfa05f8c773","sha1":"d1f155c335c31be5947ef8ebf82be1eee2782fc2","sha256":"2d2d85dfc80ec4f42d12bea574d59879d269b5c06557cf888367fbfa9036fe47","sha512":"abd2530371ef02602814b0bed360225c0530615c5db002d61511bca5e8cda0d8da2bd288631ee02da5fbf952b31bd4380284dcd56838277b52654f7d13dc6229","ssdeep":"192:wmr65/bLHzPrquLUVid+BCzfF+npqpe9svKGC6KEt1aZwf1E:fCbLHzxUVid+BEfF+np59L3Zwfi","tlshash":"ed323169ce504ea702d29646399f35437624829b1f54342eb78c91ac0f8ec6fa1f77ce","first_seen":"2025-06-18T04:11:24.033166Z","last_seen":"2026-04-23T17:39:21.202601Z","times_seen":45694,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/tr-BJOLX3p9.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/tr-BJOLX3p9.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=0; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=7Bicb7JyTrjyWHPx0ZgC_Wtol3r5A87b1tHqHhAUS1A-1776950252.535904-1.0.1.1-5o1OGp0uT1Hm2ezbTwkbgJJl9welOzLu2ryARF3byIjnbDrLj2g6jzkT7VMbynDJV86raXk9ROgyIg6r2zxqTIrM_Q5uQyUfp1H5vqk08ivGYmbASJi4OW6EL8MwdR5q; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DKwyvoEobAkxCmSxWxGFaLyOHXuLaOvxWHE0qvGUbAdt9aUM81AD%2F37V0w8LI7cAhMY4yfhX2YLGyzeXt78hywLJ56%2Fwva0wyRYsKrn7pX1VNrAp%2Fn0hy4thpx1EXWQpbwKz1A%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d26247eee56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"848dac39aeadc83e3e3db257768fc109","sha1":"70882ae65034895049706536f339a84a05a38681","sha256":"4f7f017d03e2ca9f07d08eca3090c1bdff99623e91bb0e5dbb1f63be1f4456ab","sha512":"558018a24b150f92bbfaec01d53da786ffcacc01f08edeb4e434a13c6fcb2249a6bbbe058ddfb9295247187fe024ee8fd2e00ec5f5979fc2692fd2d1840aef04","ssdeep":"","tlshash":"9a31728d2946ebf28b011887cc2f4f04f81c2a187035f6605ba0c461ba709ee807ef3d","first_seen":"2026-04-21T12:24:49.066623Z","last_seen":"2026-04-23T13:21:42.206211Z","times_seen":4,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/logo.png?v=1773142319","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /logo.png?v=1773142319 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FacebookTracking-Di526DTV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FacebookTracking-Di526DTV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=BGomD9bRjp9oEH_M14hQ8Nwc2u4SpqL53DJNPFabcbY-1776950253.9082682-1.0.1.1-FugshSaWGLM_o.RQHhDs0sJMFma_oA1mL_nvkrGEi06C.1OHAwMOEU.8JI7mPjyIy.A1bkHWh07_qwFGI0p0EnXROZPL.G2J_kZZYYLYkBJ3lqf64bOiUk9sQw3e63_g; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n7xS84fAw%2BzfLSM0hvi2P%2BrJ76xzlV1D%2FeZfuNteIbWnEQDNGcK1itBYnuEMQhq62qHWclq4YvfPM9FONs4fvObg7ox0N%2FfiHtpPA6%2BPP05jE4%2FPKZifUPpj6i8ExS5%2F050qkw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dfa7a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"1677c6d581eb780d31f16f54c87e7ef5","sha1":"cd18535059a569b9022672f896bb65a8079607c1","sha256":"c489bb95a03794f6e8af73883c3bad9f5a8095a9783421a209ca13ce31218da6","sha512":"66d41df0d890ca306b642c0b3f50c996aa4a562686627e35ce47c169dae512993f10ec0007c7ef2376b40d38b5b517a2b9c5119a5ceae2aaa82497c5a1fc8ec5","ssdeep":"","tlshash":"6401fe0f2c45b47d267c18b8d3bfd81426ba590e2a8b4595c6c789b9263454a40cef8d","first_seen":"2026-04-21T12:24:49.081384Z","last_seen":"2026-04-23T13:21:42.206901Z","times_seen":4,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListItemTeams-CEtT3dwF.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListItemTeams-CEtT3dwF.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=WVHYT2kZt9tA0QNjx2g6KXzTETPr4FALYyP8RpNdZyA-1776950254.2896733-1.0.1.1-nFS2kAhaATEst.KzAIivU4M0WeqUwjoLB7sNBthfEZKt.B7sJJoqnFXOQgRuTuGzqqZDxOPNe8AQ0_az2fyGg3ufnajTM8P_Lwv7B0YDStsvXao3urCDwFhs0UwPL6h1; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fZLG6xuh72zvpLH%2BuTGRvIcTrYLF%2FZE4Cwb9l%2B%2B2K06VhJ2hfpbfsl65kzNOcMHo4pueINIAkr4LbZYzLSPguYPygTiaMCEI4VnyiHAwr1QgpIekTuaDfF6TwzDnqtyDwyAZYA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26300d2456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1599)","md5":"7cb2f48f38bfb0279904944386f1e2a7","sha1":"cf32f17c46b46eb301ca9c2532b6031f4bb374af","sha256":"331931960cb4393acd95f6f05ca57031fba28c8c78128b7cb87fcfe24c398b64","sha512":"e3b54febb38accafd50c414d77c3af83f5ff80bfac64243a41227cabb853ecb339ec8fc5bca335340b409b3b3b1789d651b44502501507af2756f604d766c444","ssdeep":"","tlshash":"f431e089f020eef5f9514cecd97d4622b11a0e96cf7846d1e12d9b341a34116b31aeae","first_seen":"2026-04-21T12:24:49.053198Z","last_seen":"2026-04-23T13:21:42.168338Z","times_seen":4,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipMessage-BNH9Z4__.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipMessage-BNH9Z4__.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JZKr%2Bl4wJ9W%2Bltf8JIiMTtNBwOfa%2BUmQWpxwHAxRkPcLmP%2BC3d8whtvuNpLaSm23rPK%2BGXDsVt%2B0ByU7QzZy2e3cRAQZxeDHeDH5UWkCLO1oUkNGDU7cezSfi2QNv6YFr48hbuc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634dba556b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveChatAdviser-Bp3CTXDT.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/LiveChatAdviser-Bp3CTXDT.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=mJNKVh5cFB8slWFr5F5tlG8EN_sluMLqAZ7DYafiDkI-1776950254.011012-1.0.1.1-sbsozgMdfi5TzQ2_P3PVg6Cnwt75imoK09mU9tPWQAKEbgi0LgPDvhkjTiQbs3_OX_1ox7GRP3W56R1iYz0UaoMKLkYiWDIowk.a5.S7askRBe0UfOG2gYvypA08SFpj; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Eu3dPEOwvft3K3lMJ8RYKRfVqZv%2F1nJ4tmuaWe18nqHIoE9E%2BRx2dzXlNQFkatVXz0pbDRjAMf8T4ES9pe5hWFZfdMW%2F23Dxi8rrXRSmNZr%2BnlHDYU7T7GQnkpxULQRWrk8nCg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dfa6b56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"800b5c6e1bdead95b25d98cf6c0cf4c7","sha1":"c942a5b28990f674f7453d1ac046dd0314c7db60","sha256":"1ed6f531cd6a3bf87def4a9ae8274512bdc3fe802326da9b35a7fd4efb605ca5","sha512":"f042335bc7a0f05f9dc94e0c8dbd22136a6bb7c71797394211f5f2b99a8ee66a9bd1baf93f607b8021a509ee1f063d2629961a9f3f7f8923188cafb3dffd8327","ssdeep":"","tlshash":"b01152d5f0c2e3fd6667284dc79e2443300a4fa4c23d0db9807b15641a3ce0aa30eed4","first_seen":"2026-04-21T12:24:48.971348Z","last_seen":"2026-04-23T13:21:42.216115Z","times_seen":4,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/public/proxy2.js","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://galabet.winwingames.io/","date":"2026-04-23T13:17:34.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /public/proxy2.js HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 23 Apr 2026 13:17:35 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jV%2FMOzLvKHcHcrKbhcMbpzawpSYF2kSCrD17mA74%2BaT4ri2v5Bty%2F5BfWPfs86vPt3k%2Fp%2BItFVxDnBt%2FyLDfiU9riHiZqQPlL0vVdp4XFkFqL4g9PnLfyuwDVtVWTIbrgt1VVi%2B1MQHg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f0d26351c6adfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19498,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1296781ea2c9cd24e19fe155b42373f2","sha1":"d7ce9dffbb2482bc2f3795cdeaa727d99e49644d","sha256":"de74ac92be5c23abac0e045e3380edf98b53abeb1abc7351e98ec06a71a01359","sha512":"3922435bb5f624625705a335938c57a7addd890b26905e7097bbed9882d0508fd10eacfd3fa32cf5b570deece89987d97773fc9377c68416dc03707c32e4af72","ssdeep":"192:0e/p461ScOtSD3FfjmfO6goK78IANjSLsZPiSLrBEpKYehsKs841+yUV22hhCsrq:l//Sk8fhPVEQGrUFAvRZIgUlM","tlshash":"ce92860e927b6123447334bc978ba146be1150971d0acd847f4ce394bf85b6eb6b27ac","first_seen":"2025-12-24T22:39:16.372563Z","last_seen":"2026-04-23T13:40:25.960884Z","times_seen":35,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":225,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index._m59fQOD.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:29.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index._m59fQOD.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:30 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=sPVx4ZlA94KKp5SCEHEJ0PPZOjAseHfEg7bSI5FiN6A-1776950250.1490018-1.0.1.1-qAu.G_Jbxi1GT1PoHgFeZKtxUofBqaO5wrxNgSCEIQYqzVaFyyZiCYdXGuqbLNcZ6WpOadmTvc.47fhLZcQioTgc2pB61fONhFV7LBT_lg20pJcba4PxfK4qGu_3tQd7; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:30 GMT\r\nexpires: Thu, 23 Apr 2026 13:38:42 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hm0%2Fh1GZaIeFkfyJMwsSFaOseOKdzNFgDpmHvI1rx%2FypiKnXm7p2%2Blx9KJpkjLdELBlZKm%2BoilIO%2Fvk9rAfMdD2R6DBQIH%2FGcDti4VQzPsZ6hrMmi2c4rLifhpfES896i94RNA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2328\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d26162c5456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":517514,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62128), with no line terminators","md5":"fc86389ac86e0954471fe6aeded4a930","sha1":"9bfb325f95a0f6b80219dcdc4456f0b486f7979a","sha256":"6a74f0262e6f99ec45b03f1b81495b9e81939513bd5ee759d46d7328574ddcf8","sha512":"02b646d6b19612cce3f8dddf7f0203243a1c740862c296a8aad1302cd5cf2620f7e85eef698b0597dabf70351e9f22e4352d097e0b601541a85f413623a04d14","ssdeep":"3072:HT1qmID/L6Zt4llM9booiOIZpb2jRzseBrQSaQFRBE:HJqmID/L6Zt4llM9b4OlOR2BE","tlshash":"02b4c8a1968822f87b33d91f93d1779cb024f061d9621e6ff18a252dc6d67900263f7e","first_seen":"2026-04-21T12:24:49.055166Z","last_seen":"2026-04-23T13:21:42.175591Z","times_seen":4,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":487,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/loader.png?v=1773142319","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /loader.png?v=1773142319 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 748\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-2ec\"\r\nexpires: Thu, 23 Apr 2026 13:38:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 2328\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=y_T6v06L5hhplRzWQsFUfTVn4sKFGMYNBS8B5KTZlRA-1776950251.8264937-1.0.1.1-N_gtywW3WwUu3ndrr.TOBN.im0Y7z7fZBs657GHXHqIZ3n9XblD67rDBOjRIc5bG22OEdbIVre1NQEPHozaN.8m1EXCtGqXNNunA3ZqCRXC6TMaa3gJxHsm4Ju.vMWTd; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MRgx6weV1rIomLHUdvt8K2yG7pjVASw8bbwh6QbFrOClUhUqeoAskQnIYnQuD9SqtTMsME59HXpLkd3LeN7luz7bVLEgrx90acQRbZ8Co0mbOPf42BA7qZIK0Ql%2F%2Bl2CZLXttQ%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2620ca5256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"32a764fce0033e829f53bb97a08c4717","sha1":"f010dc6c149341b82fe1ff9ac386a2f455df8466","sha256":"3668e57cf257d82869a6d02bb8beffab2df3b8026c6caf5742ab5277e92476da","sha512":"23d4e81136be808c40febfff441eb2e507fcc54dd0a8735c487ac0d8cf7b2e26294404101985c8849d53cdd143fab1bfc13426fa7adf751112199bb5ba0f97d2","ssdeep":"","tlshash":"e401b58653f4cf5abaf3e5946c24050c44e68210425a213c940e84dc2ab361600fd1ea","first_seen":"2026-02-24T14:18:16.758632Z","last_seen":"2026-04-23T13:21:42.143043Z","times_seen":16,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/InternalDataspotTracking-ByS_Jx8a.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-ByS_Jx8a.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=JFDXJCoNAZ3XaQAd7SyQ70Ui5orKwdxLyxIZDCsxIMQ-1776950253.9408817-1.0.1.1-itKsAUtwS0sdfdUEN3kcl0zAL3k2qsWphP7nMdX6PrTQkCnl4jkhvO32vab5DnPqSZDOGIelrlSzJkjm_xr5.pCMgQxIxTCQxcxFD7LWLBy1rSerxNwvXc.xFePq6ijU; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6C6sB5A6re0R0%2FXZLZi5%2FpvYYeDOQlZ0U1VFj68RtxfWypmHtf1BgRvxi0ySfhG4AGlX0e0fH%2FXGIl%2FiJlgPEcarZQYlQgBtrpMQZCiOOt7Bfv3ACBUJAc51u1Yd4xmkZQrV9Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dea4f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":4865,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4864)","md5":"3ff30fc004e44de041a044c35fc2b56e","sha1":"57f366335ccaa3a2fe8cc7f65fd4b345f2dd52d4","sha256":"b95ded52ff9ae61ef4cfe8b4f42da2fe291b68c55a516c1d7ab64a2d6f811a3c","sha512":"627a1ca75e980988dd8ddf3a5999e08dd02348f3d236f2e95c727cfe58ef95499fbe8499bb51ced9574f0f029d52163a1442cd62f3cb835385a4cd1cc5896587","ssdeep":"96:04W8ZUCVtfzEr2Cv7CvXvqvxGr9qCtz2T7TGgZQ1bZfQ41+pnys9OtmksEZRtifD:04W8ZUCVtLErNvuvXvqvxGZpFCHVkdYt","tlshash":"1ca1740fc83c04747051d5dd587796abc2bc7c9a91c0c8f0a03b9e6a521ad09dbf6ea7","first_seen":"2026-04-21T12:24:48.861306Z","last_seen":"2026-04-23T13:21:42.112089Z","times_seen":4,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/UnavailableMarketEvent-CYfp4pDc.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-CYfp4pDc.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=0FQ9v_LZQF4498_157LKLMkGEgvh32Y0jLy1NiBYngA-1776950254.8997605-1.0.1.1-lVYbl_1MUaDBrOkotTP8xIhDfI2B1_FYSNzPdtoygd1IFO6g4ROfPkXgEv0pmLjQm6ZfxiwCIlgNn2_GLQrK8hshb416EPG3d4WZQN_kPCASMRR.2d4eMDwAyZ2Brsms; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fZW8xbyfbpG5a6O9FyujLgBQkqJOwfhs3Me13zqsUowig3ZTgdlCK7W8%2B4GRPxHeb7rS6Z6E7xuOOVdWFHkRJ7Xaza2fSQIy3uViBVE0tITRdnyWqD0DrTzvb5u3OFicTMqLUQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634cb7a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"301b968db5a1b6c70ef45f96a70caee7","sha1":"af0ad681fa2065e8e6fc3de5be1bb8bda7c32aae","sha256":"ccc3b33c3b33fb19d13f76b0790ee81c1ff29d5aca03f7a0093e100de40fa405","sha512":"244dbca0ebc897e9105bf0be8f0d97267cf9ec27d0d0d3313109bfdf2892c75bbc7031a49e17dfb6d251c76ffd8e9dbabd80f3d8821c3ea4aab452f28fdf7845","ssdeep":"","tlshash":"6ee086096104bbfad5261cc8ce3a4b49511206a5c7a949d395a910281b34265350ae9a","first_seen":"2026-04-21T12:24:48.997389Z","last_seen":"2026-04-23T13:21:42.132252Z","times_seen":4,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/NotificationsButton-yutPbShF.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/NotificationsButton-yutPbShF.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=.1AKfFwf4tYUEB42eRoS9pH95h.dg_NNpKzECOlvVxQ-1776950253.7612233-1.0.1.1-eU.n5w9vquDLxM7cM80zyezwyqGOzPSB9PQS6MLfgX_klYhNyWtvfNKId.pIOTBuZybn21vMjBqcCX9NKDlb2zEsGbp27zfjfEFvBWdllQQyR3PS2M6RRivcGIBJV27s; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iqo685seTcG0k1Q2ViJ5ZYkuBY2iAhSe8u4QQjIaGxPSyEhIIezUZNzhaZgw0D3cNzPsnx9yyVnLO7QwpyiepXN0VK1eEePxHSD%2BdigSYnBg%2FXkpjeBc4PM7GouHQeemuNfdqw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d89bd56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"a1ba16059ba8b51b87752c12dc5baf02","sha1":"eec0024f63275d7894852e63a327a9c8bcfcb852","sha256":"894a01b86786005132f90c701034d5fec594f5afa2c075e69407fa2a36d76e8a","sha512":"660eb05e3e5fb79227b39b5f88fa5e3336e1982419d7fe69fc7c1fa636b486048c9f0901c0feaec07a401e59b12b0526fc0da8a0b860d855dc4620d3c7a0dab2","ssdeep":"","tlshash":"16f0264be554d5f417830d21a23fd015393b683cef06588004aa1c941330019c44fe4f","first_seen":"2026-04-21T12:24:49.056543Z","last_seen":"2026-04-23T13:21:42.162905Z","times_seen":4,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/InternalDataspotTracking-ByS_Jx8a.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-ByS_Jx8a.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=lCpAi9zKU1i.E8aHBfQ.te3TlUP2PO2Uc.zIXDQh62w-1776950254.062986-1.0.1.1-XAwmtXxA7vurbaQHQBx5VbRSlK.9Xk2c3YzyPA4oVbLGjlX1Ml1jFNNyNurMOPTVwg31AJpOgojkcbujo1df3fFgJOYK6qL0Oy4gv0Dg4pfwMo2FhJ3HekRGLunZXvM4; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qj%2B9tqllgt6Zl%2F3W8Ddb9bZ2emzB7vVN0JIWIirQZ4hr9wjRWf%2Fwm4UWpxrUV60TikLbO9Mr6sEbO1%2FE5CqS00j4%2BtyoVV88bjg2wqp0i59aAQpu6OviQCyn7jAQTGLSx71hHA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262e0a8656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":4865,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4864)","md5":"3ff30fc004e44de041a044c35fc2b56e","sha1":"57f366335ccaa3a2fe8cc7f65fd4b345f2dd52d4","sha256":"b95ded52ff9ae61ef4cfe8b4f42da2fe291b68c55a516c1d7ab64a2d6f811a3c","sha512":"627a1ca75e980988dd8ddf3a5999e08dd02348f3d236f2e95c727cfe58ef95499fbe8499bb51ced9574f0f029d52163a1442cd62f3cb835385a4cd1cc5896587","ssdeep":"96:04W8ZUCVtfzEr2Cv7CvXvqvxGr9qCtz2T7TGgZQ1bZfQ41+pnys9OtmksEZRtifD:04W8ZUCVtLErNvuvXvqvxGZpFCHVkdYt","tlshash":"1ca1740fc83c04747051d5dd587796abc2bc7c9a91c0c8f0a03b9e6a521ad09dbf6ea7","first_seen":"2026-04-21T12:24:48.861306Z","last_seen":"2026-04-23T13:21:42.112089Z","times_seen":4,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FeaturedGames.BqGfbibX.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FeaturedGames.BqGfbibX.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=oqG9mkuzM19noDDjr8irQP9GcoIncRA9oO5Ir89HNeo-1776950254.1629293-1.0.1.1-IeD3.H6OPOMm4ERANw0TBopzAUg7H6_gTno8rJ46zsFdWmB2IDT.CoV6eWT0Wfu6ju7cyukn8zWQ2K5IKMvGM35JOF6wYp7ysIU576PSOr4tK1K5bew0RO0sBq_2abjK; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hilb9f5i4jAH6LLB8cAUCxdaS6%2BY3LmvSeUpOMRMLYA66yUHrbygIbBlQlGfrhvqbmVHhrXA12uOfMDSPcOu2DMiCqyQbb0IG3mKaffa5ODffSAVeSwdz%2BErqm3XpZ0Mpiu8pQ%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c0e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":7082,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7081)","md5":"b9d344659eda7f84d59b2ca785922590","sha1":"5276c97b70f3ac831be147bd9d3184eb8532a2dc","sha256":"e89b502316316e94643e2b764cf5688400f9359a0dce35ddb32f4d1b6025e20c","sha512":"56e9d6058b85b8fd878993b2ee6e6ed7f5acfe624e013631471f889e36f34543c3ec77987f452bd46ec2e5c5d93266f4e01a5f80662867760c46463fe4c7235d","ssdeep":"192:TYFnOFceEDvCElpcFpgZFcV3r90CCkPaifKLwp2xA:sFnOFceGrcFp+FcVRWg","tlshash":"cee13115710e3a387a23a1ff26905b8ef4dac0f1de2a2d3ea490272bcad63560535d58","first_seen":"2026-01-23T19:25:36.430155Z","last_seen":"2026-04-23T13:40:26.053535Z","times_seen":354,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FavoriteGamesContent-Dih0wve2.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-Dih0wve2.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254546; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=w7exaNK.X.0K3D2M43absD9dxMcASw6E_jiSZmHQDmo-1776950254.7206748-1.0.1.1-Fnmo2oX5OoJ1puMOT66JdeSttwFxEJdCzhOUC5I.SfEKFGrUAM.HCYNeBiBFLiGhr18bq4031d40CuG5qJ4vcaLyIiWZfWLtMLqZz5mk9xMGc.8wDmLc5T5u0mIEEUwQ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P%2FnXSPC9eI%2FTntHSWynCbLbgzKrhLcbyhysaHDvMPDHg8VirNfW6difP6sUG0vcded4poyflJfiykKJaJlHSLamLAahBxYmjJdi3eRL6NruHLPdJSiep%2BV5D9OtfCDB7dDUYYg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2633ba2556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":3155,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1734)","md5":"908b6f08461acca2709ec911c51197d7","sha1":"888cf903783b8dd923aad19acd1eb664291a7891","sha256":"0f950782f65e4b79ef1b137414bdf3b8ecc50182087346bcbb50663d509c7077","sha512":"191364915a5ca76736f37b7c6b11eb165567184fb9e5a3e84eec324e41c7f32687ef026ccf2f82159e37549795a72c5508dd6d1234f5f4498e131f70ba17b33b","ssdeep":"","tlshash":"d651761101009fedba9eadd92e5bc1a054f6078c6155c62ead785f7e302da407137ff9","first_seen":"2026-04-21T12:24:48.915813Z","last_seen":"2026-04-23T13:21:42.192845Z","times_seen":4,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListItem-DPOBSFUA.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListItem-DPOBSFUA.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TRoxuSz%2Fm2ejH8VJ6n1INml62ClRKLrrhxRs%2BGnXTw0k76UTsnB2s9fudcZ5%2FWTwWHhF3bva3rTxIiwUM7gLhpD5bk6mfOTjfJbXy%2FYSHEJHNsByOO1ucsDyRi1F8sV7V4lL0oE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634bb6956b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-app.js?v=bc48296 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 14 Apr 2026 15:09:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: fvxi.f9MCKb2jz3JV5VaJQagZR.MS86d\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UtKWblL8B5w8px4BDG5%2B464Le0vqiaZ1o6JxbVdPNnPldZtu0eJlJNh1cnblk0qpBZ3ewDhU2yMAFMeujgALNrpfPBto5mVYNTqKtLbyrDqf%2BlmH0cd%2B6aNCYpr2LnZEOq%2B4EUhTiNvnIaRa8mL%2BpDg%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ceb77ae2808ed96bb38d1b2c27dcb6aa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: kXz1hK1_5znT2qtzhe95KUsUnBbSjyS5Z8vSakhYZGiLfKpEzBxGJw==\r\nage: 2157\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"7dbbe1a7d40a4a855e0411c1a19652de\"\r\ncontent-encoding: br\r\ncf-ray: 9f0d26388dd7b500-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75126,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7dbbe1a7d40a4a855e0411c1a19652de","sha1":"c5af0f3dee6aacfb1b2cf8ad41c734f8039bb3a0","sha256":"7370b77a09553209c1fba44947bd713c2f8d842a282e296200398c4dd4c7afb6","sha512":"dc2ff9d25cc20706eb4719c0fdebc53267e7649d8a0d42b76d6a6eb96c4f0ff08b604fd2aff94db12a629bc08ba6507bb8a34cec6dd59bb42dbc5e002ce921ff","ssdeep":"768:HPZ1UbN3aQe+roEuPT38WwK6PhWv0Kh4y6QewkNzy2mh+slc38kCVoO4kB:vZObNKQe+UJPwHQe81h+slcCVo2B","tlshash":"1e73b78db1d2bae94df32021535b3604f23b1974542bd484f7acedd52928b0be227b6d","first_seen":"2026-04-17T00:47:10.101067Z","last_seen":"2026-04-23T13:40:26.026675Z","times_seen":16,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/MarketTypeFilter-DYMtYos5.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/MarketTypeFilter-DYMtYos5.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=T7HQkR_vDdA0vJwBa_WF0h6bnKerTPpHh2MaUNkJ0jY-1776950254.1154351-1.0.1.1-4KBqctL2kGgbUU8bTuDubeRrLN5IQkKdkxKzReghWvDvDO6Phe0w1eJdkCn1Ah_fQQ4QyaJIELjIBm8AFefSj7BLw7jVUHISdwGm9dNHALdAy1IRtcAsF2LoG9CaWY8E; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eUk5%2B%2FHClF2jIBG3qLy8u0eDE3QR%2FCXFbA%2Bo3tvCCi3mXjJabZDCoKvhkJ6VA9kDJoghVu%2FswKpwN%2FSPb%2BP2YTffzPgximoBt0gpIteg3puC%2BCMi9auHRiO3u%2B82TfR9XOJolw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd0e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":868,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (867)","md5":"7074c405da51af2784c9d5ce70baf5cc","sha1":"efbe41e54689d7f18787107761834b149899441a","sha256":"cb8b582f9ed6b75c9bc799db63a35da824375198dc5b44900528598979aa3e3d","sha512":"1d5c5426845c3d7d5fc07c38b32d15116e3c041d8d6b644c4daa6caaf9d5d5b3fc06ab7967c185207c9ada9d4735e41d6ffb5772564485e220223a826337c6ae","ssdeep":"","tlshash":"af11e345f744e3fcf23b1dc8c56d481853110a989b3946e1e02d1e950765585622ee4a","first_seen":"2026-04-21T12:24:48.883577Z","last_seen":"2026-04-23T13:21:42.120068Z","times_seen":4,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoJackpot-Ds_Uh2fF.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoJackpot-Ds_Uh2fF.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ed9PO7Akdget7qpbI4diSxQUXpCFnrCqEenbHim9ZtopVKdO%2FUByLmg%2FoLDNzoYxdbfVGsvVZoVBXZnrvowd0x03TTOGkroYb3hB%2BYWUo8gAj27K1PRwr%2Bz7AreqqIcXo7lE%2B%2FY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb9256b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.gallabet1075.com/storage/medias/galabet10/content_751_5ee67007a28ef498d36d3285fe92a5ce.webp","fqdn":"icons.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_5ee67007a28ef498d36d3285fe92a5ce.webp HTTP/1.1\r\nHost: icons.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 159256\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 14:51:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"69e63d61-26e18\"\r\nexpires: Wed, 29 Apr 2026 19:11:07 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 65187\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=PSWSNrX4.ag6ArtVfLUtxidaJ3Mbmz2srJ9AeYc2pSs-1776950255.0405009-1.0.1.1-HI9wp4tGjrC521c4yRdIRDq17IpgUfLtVt.u6JT2wnpdYBz4qWcDPRo7QnEiXQmKl4pu7XkgTC049x8RF0W9_qjFW.OoBLwEujYfMlqCgGizpBnOtlKG56rOtuz33OJZ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M9kBP9IceCW%2FHYfV7cZ8NrjNzz7etmOGMobwDeVAl4rKTF7J7P%2FSlFmAiV7D5Fo1qwwkjrHL%2Bf8EVq%2BsbIJ42qMvOcgR63QcY5FkjISolacz1CGgbfgejA9etVsebPHXg5mNIMlUZ1E%3D\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2634ebb056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":159256,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x738, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d0bc361e11504ef54cfe6531f9084bab","sha1":"9d31363b2cc7054447cbe41630749e90d62e7720","sha256":"5b902f581e1240c4dcd79b578ead258e9a59fb8972a22933e05fa73bd03346e7","sha512":"a6d0f2c3afc40c97753951b48a338c536af8f7d0c1fa702376e1d78659f9d6f6b89165c5c15d00ce19233a8878045ad3454645b77d9b2ed5fd22884aa21a4bf4","ssdeep":"3072:GbKn45cWAGrySgMFq+ixFOpbGZVSe+kPIEDIc+Rq9sm33tKKa:RnvhxIY37+kPIE8c+49smnTa","tlshash":"7af3127b7aca710590633884b796390f2fdbe2012fb5d3635c4d2ab68dd402659fa077","first_seen":"2026-04-23T13:18:15.285763Z","last_seen":"2026-04-23T13:21:42.19365Z","times_seen":2,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"icons.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-app.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: MISS\r\netag: W/\"e736e189edb5d0d9d5b8e7f23dd9114a\"\r\ncontent-encoding: br\r\ncf-ray: 9f0d261f3c0532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-04-23T17:21:01.281449Z","times_seen":77493,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/casino/partners/751/platforms/1/games?limit=12","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/casino/partners/751/platforms/1/games?limit=12 HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\ncontent-length: 1413\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=YpsqqqBPuPaAMqxHLb8QPvCeewyoE6wKkSPb2Peo3EY-1776950254.4313855-1.0.1.1-tOyPeFiiw8Cs4hUGwxtd0x.FizecHZd1cWTxkHi40ltBWTnZivft4b_Phe7QK8JAYLSKHSJYMTVCXJSDgsFqz5110oJtsFCRgmXnMnqHZK19MQAOdM_gxbupxNbVTEel; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z6P0w91iIzja5XV61v%2BFXPnoySGOT4sfo7uu0mCDOoNDg1y4zFPneU0t%2BcQSyGOie15hWTfOPBLBD4WsObUBMR74Fk6IPaFTJXK5M828Y1AE9QuMnwU9dSGLnuGlTqd1FS3Nq9bEKsCw\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631bf1e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":6169,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ab35ac8a0b369d205608ec1a01ef187c","sha1":"b41781dcb56a5ae72e47ade1d15fc59a0477aafe","sha256":"3b17b1edf72e66f2dc3c1611a6d4561d953e6f39e72b4dbf142a8e3b09f5c670","sha512":"24d9686a161bf0f147ac99685f8a581133aa2c3d678d2b9e869b7357ab3c86762cebaf1c521a2fc7f83403c808aba7ec5f7778aaff687223cb38838bef6ec6b3","ssdeep":"192:EG1X5jicOlFvtI1nMIQ3QJB+wFCVF1/U0t4thI+E1Cb1cDjDg:n/+/AykHAas26fg","tlshash":"98d1d15a9d38fbdfbb49094024433d0c98be17c2a689bd60dc5a9a4e60e50f516336ef","first_seen":"2026-04-23T13:18:15.287094Z","last_seen":"2026-04-23T13:21:42.238273Z","times_seen":2,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2444\r\ncf-ray: 9f0d2635df0456aa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEskOIKWizVhJrvVnrMlrV9p-fmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=19+0 c=6+17 v=2023.9.8 l=2444\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4b44902a539b26f42ca501a8fc2eca9a","sha1":"c9156f826c8af47c13c4e95a4953987d2c34a74f","sha256":"e1473cf463a4e737486548692bef2ff33e1435ccb7b1d4d9e4428371b57a2666","sha512":"2dd9d9716c420f8d993a738149c8ed8a18bb8ee2034cadb05c3743cbab9ecb9eaabfa064be34e53fad571e80eeebdf7292cb9811a369dd67d51da327fd80fef2","ssdeep":"","tlshash":"db513db78f5778c0ec5c0e4b60017a48e401be0053f0e18caab51dd2069c629d371a8b","first_seen":"2024-06-21T17:22:35Z","last_seen":"2026-04-23T13:40:25.974419Z","times_seen":1581,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato:400,700,900","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css?family=Lato:400,700,900 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 23 Apr 2026 13:17:35 GMT\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2338,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ae317c913d9f17e384174fcac1e95f49","sha1":"97048ceeff296795e17fc282e38d26d44fce8bad","sha256":"0250efe84de4fea78b47bed1e3367687b72cbad25fa556879acfd9adf33f6b24","sha512":"3be7c2d8b49c8ecfd8fbe46e0e57aec92fe696894da6243f6b9f0052461f28eaff9b6974068276cde565287efe54a8a16379b21a522dfaaad925fa38215bfcc5","ssdeep":"","tlshash":"ee41ce92096fb908db830cc212c97d32ef0f625064499935afff14d8bca7d699362b0d","first_seen":"2025-09-17T17:57:20.126253Z","last_seen":"2026-04-23T17:51:13.872979Z","times_seen":5765,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":135,"dns":1,"connect":10,"send":0,"wait":20,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/pageBuilder/pageBuilderCssConfig.json?v=1776950100000","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /pageBuilder/pageBuilderCssConfig.json?v=1776950100000 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xdUEze3HHNRSa0PWdKQuLBGmXEOJ4PXWrLWFuwkUEtU-1776950251.5720043-1.0.1.1-XN2i6Kr5Wkzyensa3G1oT.Bl40a4Y8_HGYH59p9EO1Q8HzJbpQJ.UcE_zrLfCRAICaMYic.2kwU2o2Ue7ETYZRjYaAZu3.XfGOEH6OtIVEohrfKnqprDoVxhY1CunUnm; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2rsqqkw7vuYSujufLwJSp8KLxQz5nwnXFkRy%2FP%2FToo3M2cg26mhIwTVLzwRgGYPViIvty1cIA2WIKQxTImQ9xaZQ3ASchoxgc79QX%2FLBLie%2FsOt9Wp3ogHwjOZdwhZMwtWtXLQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d261f083956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":277,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b384bef633c4dad28cb58c0ed626c676","sha1":"ed85abd1e0329f1d4b3a764fce34525abf680ff9","sha256":"efaa340e7652864fcef70fdb10125f60ec395fa732325cff6606c9d8446493ad","sha512":"0b6f27ab057be8f03ac22f0ddd42677644ff77a325f6972b4a665eee859b0637a78f6b1cd6a4d8f7a41f71f76bafa85978497a74a418dce33aa0082838b7ca3a","ssdeep":"","tlshash":"32d02ba19675cf1126d210a302872ce56c6dd247b1808a876485e2f670c92881953f36","first_seen":"2026-04-11T13:31:58.704895Z","last_seen":"2026-04-23T13:40:26.069716Z","times_seen":11,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SystemBetCalculatorContainer-DtyOsLF2.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-DtyOsLF2.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=nvk6GUuXWaZZwEyP5xs5WQoudPDuznm0UPbQJ0Qrjnw-1776950253.7471247-1.0.1.1-.Vyeb.96Rdt33BhY51WiLYxfy.SP5VluI6PI90ud0BFuxEt6VStQRhM4hOFn89vEv.hdfrm1BPkv3Lo7y6vYgZ8ta3YcrUZ6lGIGGwuFXYK8Y2KFExB.1d6cWyRUXOAL; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5WAtTFpBLXu1c5p1y6YJsWK0Zxv8jrSMMoapGazRfO8KGFKHXu7i1WL9vep72cLVdL5s28eFwd64ZZ60q7fS855YAILvfoUV2XfHSXHvVdjHUEKV8yN3w%2FLGSsxHNFdo7aho8g%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d89bb56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":968,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (548)","md5":"ee02509bc8771a663f7b3ccab6d13c33","sha1":"0fdde3e73867ec0f9289a463a5e0884d6d9731d3","sha256":"8ce1bd8828cd63aa0fc068abfd854b9c11a3c2938f9285a3dfcc823f932900c7","sha512":"b81178082f60d68ecc5565dc1bcd32a011086f33e2e50403c0cc7a71f8c5a81d6c912be2c3543b0e0b5d525c633cee39faea29f246b850f93971d36b91c0756f","ssdeep":"","tlshash":"b111bd575368de74859e0eb24989a4640df5430a5a0cfa28b9b54c3cf12949243efffb","first_seen":"2026-04-21T12:24:48.901741Z","last_seen":"2026-04-23T13:21:42.221848Z","times_seen":4,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Odometer-BwyieHyx.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Odometer-BwyieHyx.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=uW40WRyxkvQqG3Fo_cYMKBF71oo5rQxXBq69T7GDS_A-1776950254.1921473-1.0.1.1-MrVon2gCiz3PzL5d8NZkeysYyKwHGbmmp.GJhWd_9v6ZRyaNkHUbf0Eadptk_1TKBbymZXpjC9XE1DCRDV26FHM89lVPQoevHdKLbfb.cA6NS2w78TfdqXidX3ku0cjl; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0fLT%2F2CwQy7s39ShlqxMXbqoXmoic7MDY6xk8PJN2gIKLT3jcW8KPPsr81vTshWxd5VSsqpWRSW6e%2BS3l3bK8KHZKhPI1GQR6nSQ7WlskFzYkMKfTMPrLj6bm0qz%2BkKEhG1ksw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262f8c6f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":15624,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15623)","md5":"4391e11450044a64634e667e65421850","sha1":"369ab405bf8b6c319b392f1eea1ede16b741827b","sha256":"56c55ac8a2292f88dc7a5439ee70abf3e6a2531b136c500b37b537e9e6b8332f","sha512":"571964e242a4677bd28b49daea908c06317a2ba230fe3d269d67b08d06414f9c0eed7c67ea12400fd470c6b56fd128959a8d63fca23fea56a632350438216cdb","ssdeep":"192:pd7KNJtQak5S0CGvDF2pXAkmkxm1HjI7kFuLPH7BNeqYpkYaSBpC7Tl+ea4PBD:+VQak59CGbMdmYm1HjoPy9tX3HeNPt","tlshash":"456219897922723443a3b1a055bb4609773e9d6a3c08405db67caeda7e32c19d12bff1","first_seen":"2026-04-21T12:24:48.850802Z","last_seen":"2026-04-23T13:21:42.165846Z","times_seen":4,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/emptyWinner-PXmwQszX.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/emptyWinner-PXmwQszX.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Dvn6BC_PbflyLJLZqXu7VZdkOVN_gLQev3JTD46A3jY-1776950254.0858302-1.0.1.1-b1ynLlYR3T4gmqDdP2iTozQYy10LrV2FLAPITwdVMz_0EGnL3VksPR800ZNdw.Npqz1OPeCy_h7cDh_bC0UTq.dE6TjcigWSWTTLAdOlcLujkb4HdWHMXxXmHDAuyaco; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mjXO4IyibI4ZEXx1xaIQEOIM%2BuxHwZXb%2FcxTZc9r8Bh8Y3XqkZ%2FvgSzOBJRUP5ISvq1gR5OW27uRnnLRM7h89iwIBDP1Pd%2FUEl4i6X28BMEv3IZADaioT41%2FnutrIZbW9uawVQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fbcaa56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1786,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1785)","md5":"e7e53d51c28710db55691300fa2905f4","sha1":"dd413489d8bf278a48bc6521e87157a84e7e8dab","sha256":"44943d7e927e35967acc3b28435781510ed8e16677eba481751b4692aa89c4cc","sha512":"e05ff8bea0d2d4cf48ce9966eeb265197be37022741dd901b20d945410c8af7a7ad7a8e13b22a42b3a8662a735cc29d7568b56c44f5c7c876af36969be108d90","ssdeep":"","tlshash":"1231878f9141c934b7630c9695d9d6c4cf142787aa34fed083a80faac576109c65cb8e","first_seen":"2026-04-21T12:24:48.983719Z","last_seen":"2026-04-23T13:21:42.160246Z","times_seen":4,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/TabItem-BzmBdnmn.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/TabItem-BzmBdnmn.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=vyQoDND4sN9cPmzsLtPUiM48x4THoxjdCs9fP62LCj8-1776950254.1126823-1.0.1.1-JHm0mapWiNRrE6naYaHomjg6Lh7BTX.spcqDosisG1Vl4hKOaqGZdBJWFMSnxPCYnBLzadkn7.QcpeIDP4NaT2ksvwwB9.Q5Hxpr57ycx463FzwNiVVOgUTCQv.HR5kX; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QCfwRuMIp8cWTPblDdSG78AIBT328xu%2BNIArYmJkV9BviRjoCy0SaMHkNvNqA%2FQjLVKM072M1fnYa3LQqVOVdyPPeOy0omxD0ZWpyUuXTBfTNR2PcjFe71q5VGw%2F0GaPbvPCTQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fccba56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":423,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (422)","md5":"4c9b35d9950576247cb364ba1db6fe27","sha1":"88edc380b69ee8e477cd345f6c52fc9217f7a431","sha256":"97c0d12e9471309261c5bf0062bc5d992a71d52f3cfefbc7a9e1f9bde695d187","sha512":"ba0cd4ad970cd425389b6d7b4f60a42a25aee05427f39a0d4c2947949d7c9ae94e75d96cb40e1f391eac84e283afe2f529657d0e85dbe17c3be589504abd30da","ssdeep":"","tlshash":"6fe0ab42a010f3f9882b44d3d27ed4c736220ddcda6688e1e0b21044032d921f78ef8e","first_seen":"2026-04-21T12:24:48.837564Z","last_seen":"2026-04-23T13:21:42.213895Z","times_seen":4,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/conf.json?v=1776950100000","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /conf.json?v=1776950100000 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=g.AefoASoKaUMfLxRi35fElUOJ4iD196JlaBlMJC.Zo-1776950251.5370183-1.0.1.1-i5db_bTi26tREGm5M18I7cbkGlrCAAwP1zaw86Al06PIZThfkq8nooZnvjwVX2nQHTOXOBKO1X8z0pKK4u7nX_3RhVLGo.jnF8l.1z0iB0XHlUUOBniLirJoHlJQk1Z4; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yb4AORA5%2FWvgKUc6hM%2B8j%2FGiEhtluGqeqfw%2BbC04SbBFFwb%2Fz9P2kbvqeUyJvxTH2g%2FGpsULgeYB8iHvJFz%2BO6O9T%2FKukWeHsri4rNtRDQUmDj0DDJyEkICVEmd6G1t7OmbZxQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d261ef80c56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23734,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f568a14b0c8d3ef0272b0f513aa41356","sha1":"2b2634ede90c7ef0388e9f4c5007bbad43bd74d9","sha256":"b87c8c2403cb829f753f324294d74741441ddfde326289e66a39c6b33b872c2d","sha512":"38cccc84becfe0eb701c7ce06167389f600f5be6e2b07a890f5db99aded7fc8d5b0dd81a397e805143d4d603b456eaf0e217be07a794dd66638d4e0a8e197749","ssdeep":"384:miodO1t2PvxRNLoU4rWmnzl8mARaACbs32VkrN/SM36:mOt2PvxRNLoU4rWmnzl8mwaACbs5/76","tlshash":"9ab21128d5784db302ca71b4a8be6147b530948b4e987c293f4c465c0f5da2f19bb7dd","first_seen":"2026-04-23T13:18:15.293794Z","last_seen":"2026-04-23T13:21:42.154749Z","times_seen":2,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetConstruct-Icons.Dy6tH3mM.woff2?6reyr0","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetConstruct-Icons.Dy6tH3mM.woff2?6reyr0 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 419348\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-66614\"\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=10.BilzemXKijMDen87zYSn0pwgQtcsFGRPM0yFKA4A-1776950253.826631-1.0.1.1-LOaz8.uE9jbX7f6cl8rSJVTIvRjGA0dmNOcOzzyBvErTdhZLtNfs8yyQLD8As0dBMshoC7CtMMfnkAW61SiTleX47aSYtCZcM5vxpJ7iEMXigdWdg5jhESoHyDGmV6nj; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u%2BQJsvUjhEmF3IV%2B7ygswA462AQoqf44647pvZ58SMKI4TY4sQ0GX7UvBXbT6nB4pTII1sT8XU8S8qKsSWFtcJadFOvvMq4MmjyipuJkHCWLDatP2WMpmL7E7dPxMzMlnORoPQ%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d193856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":419348,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 419348, version 1.0","md5":"91ef689a7ad9c44db5a0ea5b335e2a8a","sha1":"95d709458007fe3bd685c4fd4b08fba18ab48f12","sha256":"693bdc228f3727c750488c69c6fa33603b942b2f1323cee69a72523505fa17b0","sha512":"caf132e4c3d843687a0d60de1fb0988dbc3ecbc2ddb3f91ce24879a02c65323721fcf0430290fbc4787791df29e6b5b374c60cccb455e175a00003ecf920391f","ssdeep":"6144:Fyk9JZQ04vwyq+95Cgsw5X5qwPlfCkm6S/aBkFJtpU+i6/sZfLyi6J5T:BiTvPYgsJq1jT/w7l/sZfLlWh","tlshash":"849423c52815faf2c078c0827c4adaa264c429ad1396b09afc759fc7db53b8c09dfd56","first_seen":"2026-03-26T22:06:57.611328Z","last_seen":"2026-04-23T13:40:26.008706Z","times_seen":36,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":286,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoJackpot.LKSeTzHB.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoJackpot.LKSeTzHB.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=tMzY.WStdUSaVZyBjeDxR_o7DYvX_mRK07b0_wBCIYo-1776950254.0721238-1.0.1.1-UMrxLAU472n.0qvYs01EDbYUJ026_mpzuXpJJP6HRx6wz0brwnS4cOuAH2S_5v.K2dP.J4_4_1YmBhBYgcgpAesONZRKSZnyV.3mjPJI52NzJWqYzuSVCokid1JcjE1V; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8SM4BEmB51ldk7c%2F5TiJ13Gk6IhxbG%2FtBU585zUPxvdJanNWemn%2BY27%2BxAsHJiXhagNIgGA2EaO%2BH9xNvoeDP%2BmjSY%2BTRnDSlUSWmsTMgwPuKoagBCpsr5B9Jmsyfn%2BAwVgAaA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262ebb4d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":13990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13989)","md5":"60eb6ddf76d9a756f395ba7e73eebaa9","sha1":"ceda179114e797219c1733ccd2cea653c04d3abe","sha256":"c725a658c393efb947422c925ce2f83c4f547dcade0b93b44fdeb871deb0d6e1","sha512":"c1be903e5060da80437133d36928bb0183d1e65cd511d2a0f34a748435c8df315dc13916241fbe769c14e46e8247e9bf599e1c9a3b5261d93315130562cbbb01","ssdeep":"192:5aKQrrxX/YyrspdNl3qLq/1R9z7g6mbftDxzNfDFDfhf3fOfNf5flt/1ttTpFVFF:9UVwVELPhoEDaLDRiQ/","tlshash":"0e52dd07656f33b829ef653726f0f7cc9a3c4879c7126564a8d2a2194bcf9b006617ec","first_seen":"2026-04-21T12:24:49.084502Z","last_seen":"2026-04-23T13:40:25.977307Z","times_seen":8,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/RunningLine-CH7nI64D.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/RunningLine-CH7nI64D.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=YHR51qnBPo_OoW8ywlGF3T.1JavWxQimurHIdoZUPp0-1776950254.09034-1.0.1.1-jhQdbpWJklmdr98_uVcZkWBdBFSYcqsTG9HEjLK120.U.72lRxKsjpX4B2.iStkeIyq3WPbIp5ADFVY8EUB1ARrcx4uTlKSFUri_rxHQ69IGtXZifYNrHiF1IRf12Fav; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7OKNmU3CABnqc17ba2hV2EbZW%2FE%2FBSLtAKBPhzxDmBD%2FZKRjDeTBGjwGwrSRW9A88SfrDTF%2BbcM9BDy676WHpvWm3Fv%2B8CSof%2B81UC64ufe4dvntCp9PL2EqkSuCcXlw5y0iNQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fbcab56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (994)","md5":"6bcdb91f80d37da6a2e4a7bb6f6e3ef2","sha1":"bba04b041ba9ae72e22e24a501c5ec69d5fef686","sha256":"2af1a90f48dc3ca8cc3ec86abfbbcd85ec472a3de25b8bffd271952f5a8ecf4d","sha512":"1d9bc593e2faa93f543a3cc084d1c0e8cbb9d6b0c50894dd8ba196bb395c255048b902e60178488dbf6fdcb288b165eb30bd308e6b6a9171fec01b82edd4f06e","ssdeep":"","tlshash":"ed11c2569015f6fccaab06d6b53e040c299701a5fe175d90e47e18562a29180bf37fb8","first_seen":"2026-04-21T12:24:49.009967Z","last_seen":"2026-04-23T13:21:42.084828Z","times_seen":4,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-main.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: MISS\r\netag: W/\"da5bb1dc647470204df0e49f5afac2de\"\r\ncontent-encoding: br\r\ncf-ray: 9f0d261f2bb732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-04-23T17:21:01.281914Z","times_seen":77452,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SmartMarketEvent-DZJsJGjf.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SmartMarketEvent-DZJsJGjf.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=luBqcx_J24pmkgXF2H_1dKiKTnjoAdJncL2i2pjqzlY-1776950254.2304766-1.0.1.1-_XSEfG3cCXpiMNCt6APwX9EWruuutlVnvN8S6nfVc6YlWOrOPh_Mw80.zn2fzlZQt1Guuv0QfIhW52lUThDV.u.E5crlkgbJtuwzF8V.yPIiiOGipdI4YAD1tJ2JY3Fu; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UMw0Zd4tyiBGfx2XdFlQmww1g01QftaPJf5ryk1FiFKjqhspDmjHDJpWN%2FlLySyEvO5n9wg7ba%2FM8bQnVJgxFFhwK0coBqZgf0l8Ih%2BaKjIRTGJjLzSh5AiD4ZHUsv52wCCirQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262feced56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":915,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (914)","md5":"21b42cac8d14d53da8603d367bdc0b4b","sha1":"1ae93919079837a6d354731844adc4c583a82ea9","sha256":"6398ba42e5f92a177f7cd5a8fdaa6ad138e05f54e3d3bd66b8ad7373726462ad","sha512":"b3ab5f11b9dd2a008c35b9596b60a1e7e48b12d11b15f7d2929ee112ea485f8ecfb46b716a56b099a3a0f9c2e7eafb419fccb54dd6bf3a45400f9046e76569c7","ssdeep":"","tlshash":"8811e3e6d540727e0632c8bdd1009f82415c02d7cb70035ae98b86f573bd4fda25de59","first_seen":"2026-04-21T12:24:48.844386Z","last_seen":"2026-04-23T13:21:42.145551Z","times_seen":4,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SwipeableContainer-X9GPeX0n.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SwipeableContainer-X9GPeX0n.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HAC2pWXqIy9I7rj9VGxhKDU7NTTEDwZtlFziX4wxYEA-1776950254.140679-1.0.1.1-WGM4MZ.XOpMrjlodg7_I8L7njlPm6k6YRs__FZvGNmCqk5__XIkfaPtO9p4KGniUr6EFoJgK2cscraTP1W7JJ3Inenus7QsP0kOls4fy3wyomKHEz_W6oK1qQFGj6Xe6; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hw4G6JJQxJueIP%2F7IjjPqNqFpLAcxfRYv0iIt0btJwdtyxZSHQqYmms1YlZgEbIdEJgISnKDT2kkK%2BKw7bnUMdQfcZa0GWJO%2BZmfH0oOuNKnAKMTfDZQLKqgfLuRLOVZxlwGIQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26300d1956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1865)","md5":"256cf910e286cf87d48005f99e79550f","sha1":"10ca9c0a456f565d7bed48eec780a225518d4554","sha256":"90a8f7a1c77844b10286a533a15e2917a6604d76bce574d27e972b178fc7a35c","sha512":"cc85a7c142d992f8b4943d85cb539c22165fad970cfd28dc0c0e6d10cebbd964c371c7102a76ac09bec8b209cc533a85158c9785e4ae8639be6efbaebb24a65b","ssdeep":"","tlshash":"b9318746d03aea74f623045a92998468b77b73a0f60909e4b07c4d28d73529df30efc7","first_seen":"2026-04-21T12:24:48.98619Z","last_seen":"2026-04-23T13:21:42.151562Z","times_seen":4,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/useOpenLiveChat-C_aqfNmB.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/useOpenLiveChat-C_aqfNmB.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveChatInc-xfcbsjSt.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254343; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xO7PKcVG.MdM9ebuJE0vgA5wl7VfFbPjD7Ze4fu_rYU-1776950254.5885823-1.0.1.1-WUfjx.A3tX4UaxlGSlAHtzm.axnhpCthuq50E_6qMwUwTfmniihV9oCXzHagSfYNJH7j1srN7lITFu3J61F2waFMICbeC_GyrUmBXkPLjtkyn4w0x3Bt6cJ2q9Op1ikp; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V0%2BrNC3%2BGtNue%2FDTg24JqUr2gLVcYAqFejdb6VG%2BdPHEZT03RJnxzuRVg6hLQ7fCQJLbffBF8G5eghEqRxPdzn%2FultyYYX6H593OrtH3k3FKK4htgpzkwt6ifyrSV08ZTlcmIw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2632c88956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"b05dfb053febdb85be596bac72b4862a","sha1":"05e34092259cc0bd17a16f95ce919d1687186383","sha256":"e057e75f9b6a8f950c34f20a901597768538f90750bdf6c9aa5e2766f1a6e5ed","sha512":"270b643403c3db3d4d5d86f4b8585a7a6abd2b0e16018c9ac98eeab83f48775059117acd45ea51a1cd5d93532df6d36110e0525784c7932522e8cdc2b2f78e51","ssdeep":"","tlshash":"fff0e19a4154ae7cc0c08ec1501ba5f85b3927a4740dc842683f7cca6864c0586fa847","first_seen":"2026-04-21T12:24:48.870088Z","last_seen":"2026-04-23T13:21:42.13906Z","times_seen":4,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/MarketSlider-BVrbva_v.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/MarketSlider-BVrbva_v.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HbnzmXMhN9paMVoT8V0THltnlBc7%2FF7m9cD3k9YTXiFJ5tfAazV1fazMfZvtUJLixVpq27cakp0BxjLIex89A%2FJDAW0V5Et1SFHQywvSo6769uvHgyKGFmp0AkZQjyS4pD9a6bI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb8156b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/HorizontalSportsList-CG9uv7Pr.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/HorizontalSportsList-CG9uv7Pr.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K7kscKhlV6cpJd43OvLwTIHbRZtbIp6cgM7OE7WOHrnU6dt0fz319uJ3PuQnvR3gb8071WLsJ6YN5b6iCxQNdxVNyylnd5u1gITgTfHcuCMVZ81g4X%2FrmFAGdhLSDYLs9qPl%2F10%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634db9956b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-Medium.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-Medium.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950255167; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 73924\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-120c4\"\r\nexpires: Thu, 23 Apr 2026 13:47:03 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1832\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=nhtPRBb7VUZvpQGuha7z6h1a3gfpvLdHQd.0biw9zz4-1776950255.246921-1.0.1.1-NskgFKRoFwhFFxnabwEfWulSxd.4uy7oHWlZhfKm.rEqBGLPbvSJfWjUMkAzKH1_CDGkfcFfbXReCE3yatRVvp6JtpSUvBIRZt.Rk_EZoMODKn6kDbtfjnpzG5YcvUQv; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zwSU%2Fz1DftJyT%2F%2FLn1ofJct%2BIPoniTK2%2BkTbgiKVDjTLaA3ybxZd5TLZVs1m9i29r3Q43d2NpK9B3ghRxwANa%2F3RfwMxSjb9vv1nn4ueBFKjtB2wz1LK50Q7BXrvo88Weiwp2A%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26370e5f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":73924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 73924, version 1.0","md5":"582c115c3f8f2e13a2c97e6826471c80","sha1":"822180738ed9ad4172d4e8354b81ecb2f7c46bd7","sha256":"9942fe6fe9ded7ab37fe4760990b57f5f43cebc438bf1bfe139c8b508acd424f","sha512":"03b3156c154922f4735e7b828d903c3400b320b352dda9ddb478786d8820fde8e9707cbc45c5e1282059994d65ead8e4987f249afb38534dab27ac59099c6f58","ssdeep":"1536:ckbrpZ5asBRVQFvoMJapYaiDKq4OevyyuZr47+uU76etJD5S1zYItyh+SlOUrfeZ:xHT5dBsRFuWKueK5r4SuU7DPS7yOUtRQ","tlshash":"a673025117a10b2ae42d1770187ebfd421af013ea2f6a2b0fbdc958f6d795bd0a74311","first_seen":"2026-04-05T07:31:10.885369Z","last_seen":"2026-04-23T13:40:25.953481Z","times_seen":19,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"eu-swarm-newm.gallabet1075.com/","fqdn":"eu-swarm-newm.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: eu-swarm-newm.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m.gallabet1075.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: kj7amnCUc/ApAr7eIrVrYg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 23 Apr 2026 13:17:32 GMT\r\nConnection: upgrade\r\nSec-WebSocket-Accept: bFxJnkh7d/vRqP8DDkjSJLCFv60=\r\nSec-Websocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover\r\nVia: 1.1 google\r\nUpgrade: websocket\r\ncf-cache-status: DYNAMIC\r\nSet-Cookie: __cf_bm=en2kVk.Ftr.BHhQfbVNFZ_eKxlG2VuyWwZ821qC7Alk-1776950252-1.0.1.1-t98NIqzmXgPpEuMvSM1BZVZ23Um9GpSZr1qd6K3CG8lrTf_AVpuPlc.52ND5vO_BigGkWDOQtq4.z4SO8FmRXReKK4bBZLzXFvD85W.NHNA; path=/; expires=Thu, 23-Apr-26 13:47:32 GMT; domain=.galabet1070.com; HttpOnly; Secure; SameSite=None\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=PUgv6XxmgNO%2FJBeBLhGolxS4e22sk0h%2BDxXXXz3KC0l5EBNUYRKMvjBADwBbNikitCUr8YsvX6f5hJTQAXigjBqp3ijqhHhFO7xwkixBHrtxfcUadJ%2BZqxQ3zPGMZ4HC%2FMPLYWAY1zCtpoMJuuCvqA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nServer: cloudflare\r\nCF-RAY: 9f0d26250fce569b-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=4136\u0026min_rtt=2994\u0026rtt_var=2825\u0026sent=18\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2834\u0026recv_bytes=1345\u0026delivery_rate=380711\u0026cwnd=66\u0026unsent_bytes=0\u0026cid=32020766d9aae389\u0026ts=104\u0026x=0\", cfL4;desc=\"?proto=TCP\u0026rtt=545\u0026min_rtt=511\u0026rtt_var=203\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2358\u0026recv_bytes=1174\u0026delivery_rate=4381240\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=2e2e35aeeff48b1d\u0026ts=341\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":397,"timings":{"blocked":0,"dns":25,"connect":26,"send":0,"wait":325,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"eu-swarm-newm.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253080; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=XC5V6Vr9y8lgat21pgUVMuvVblER9Zvbx6NJoA4GTdk-1776950253.148971-1.0.1.1-CVlo.89w.y7c.Lq0T6OPlJ1PudjGxn.vV1znsmESTbLT8t_piB_Z1Wa4ZLLcpao1ogoNU1vImzm7B7v3PG.XXT18e7ETOiOQfdHxjtEGDRAflsKSViQfkZ6mjsIxNeyB; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FL5qNq6Y12DERBVGo0rpEBB8yCZgzIQdKB4D%2BjN4KOLMzGPoaL%2BVhR091O%2BnINsTdvq%2FAtbTaHRqEPDl79ZiwXotTOj3PKLr0d8j87vm5XvDtJdUeUqGkfAivwJ0lVf%2FtWZw7Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2629ed3956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"2c191b46b99e357a939a4a4b8c773c12","sha1":"3401415118bc2649e837edea0005ce70f99322bb","sha256":"b1497fa9daa91f85ecf7c57cf8615ded12e1e9667f07ab065133e14c39ded42f","sha512":"ae2b121ade5f07d63432308f0f51921ac0f6193b09dea272a3e61c220fa810ff129ba67ea1215e89b0e0ee9ba71b8f32f5662d705659a7879a90e94ae9fd0bb2","ssdeep":"","tlshash":"f9c080451654dcf462571d838619d801d54c4d6d73f4f9d0bb0c8d51021559b627df57","first_seen":"2026-04-21T12:24:48.947675Z","last_seen":"2026-04-23T13:21:42.199489Z","times_seen":4,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SportsGroup__platform-l0sNRNKZ.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SportsGroup__platform-l0sNRNKZ.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Scch5B6duqujR4uPH.7GkWKJs8M_fPvvVCQt1BNeK58-1776950254.2851112-1.0.1.1-fwYX7yesmd.JEZma_JvLChFsTIvlLra10TO.qupgWDe.RqRzNHxzzekigpHwD7pOEvi53yg8.JEy9zzaQix0FhqWML1y_Qi4cV5kPm6K7xhCLbHW51L5dxqz6ut4z313; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zShmccj3OgzcTiNDYXabCfjibowSN9275lYmOY%2BR2RrgoVzVutjnM%2B%2Bg%2FK0dtyYUkz7vBU%2BZNcBAGseqyj%2FP0RlPbr4RrlH9Wgd27S6VZ%2BwFhj%2FLq1%2FegMvhL2dWX0M9eQGMJQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd1356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-23T17:16:20.046784Z","times_seen":191820,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/if-defined-CWaLTnLW.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-BJ21FeBp.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254126; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=U3kE9OUcmb1cwdYq.mqG4oL3tAq9WKdTapVgzqJbm4o-1776950254.3924813-1.0.1.1-9W1Lr0LzC5e5Ei8blKd1hKZWtcMPWCIisZ2RfiexIDV5M3.muiL0HOCk83U6tAcQEOjca8r1qlYQhJaY2j4yjENEz.v9pTv7BDeV0CW.KUFDAolFIAFz6OGGjVx1v4w6; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eGXfSaXY8wgYEtBztHJ4IOwZUbF4VsRJv3%2FhMWqV6fGDpE3BK4GOZGAApOYpFY0L9ir4m8vkYUgHWJ4ZSLjMKu9DGFjd8zFKzz5MhWVW5QpXmWqld4lWDSLdPXA7vX1nXCcIgQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631af0a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-04-23T13:40:25.935372Z","times_seen":587,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FeaturedGames-DWwns83P.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FeaturedGames-DWwns83P.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254443; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=eGras9MhAVPqi41stMlLCQrGm_uBR58MqkgnIHD1g_U-1776950254.6227052-1.0.1.1-qEhd2oe5.vb_zJimhHc9CFRNwFYEDx9l9Sbkrix9vxBUrBZnt.rjQIQfDqvGAhdc5A6mDZ3D1fVTjaWko_jOGCgiLUr_ze3arxozwXD62h.DiK.zStGcd1KBnfq9d3Hu; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wiDfiIFOszH4bYqBlI7so66jvsdaxKaKc1c4yQUdarfZHuWbUoQR8ogBm1DeaEHr%2FlPIbtyQJ1akHcczRUdrSnrZTRJ%2BFwxw4PI70sRi6YTn3WEt7v97tMP5deVZiZYxbxS5tA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2633192f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":7902,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7901)","md5":"bcfddfb5689ff1c2391259b2f348992c","sha1":"ccb1572c067373494366fb079f2fd90fd898db07","sha256":"50b6bb1d3eb822aa4fc92de52882f9c26159a5376b6bbd24f54e76eff0551203","sha512":"776eb0edb6ce0b236714cf9b2d4153f65bde3c9fe57ead2163122cf7fbaf425b896bf2562c4d72750f762886b555d5eb3dee7a4ff03bd95cd4247b60ca87f302","ssdeep":"192://E3f6HZEUDkH92wlLcoWhCWOJmMwL4Bflg2yjTl:kyHZsH0wlLc/h6S2C5","tlshash":"40f1e90ae010b67de57b49e7b13f5508f47a0ad0e7190c90d0be2d2919e9246733ef8b","first_seen":"2026-04-21T12:24:48.910669Z","last_seen":"2026-04-23T13:21:42.12532Z","times_seen":4,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0da3af.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0da3af.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"477a2a623a80ff8f0973f666737bd915\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265ccd05b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14213,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14213), with no line terminators","md5":"477a2a623a80ff8f0973f666737bd915","sha1":"74c39f31f294f54b947a9c2cba87722ff7817e5f","sha256":"9e74172aaebeb58804494741e8d7ecc910af78072e57a007f8e78749df40065f","sha512":"3ecfab73dbc492d60e250391376fa3c2e66083b799a6180e575bbccf3becd4092e69d827eca51422082e8074420408b46311e0a6479b0742439debe70d5cfbe8","ssdeep":"384:UJw/U5YK8Hx9KJ+ThWazJbUZDkM0kWEYPk6F+UtKM5eH:6+9KJ+ThWazJbUZDkM0kWEYPk6F+92eH","tlshash":"a552c6a7b2a4782d42379712308f3205f33b7d45b215da19f36edcea4aa84c16056f3e","first_seen":"2026-04-21T04:02:24.30834Z","last_seen":"2026-04-23T17:55:40.661449Z","times_seen":616,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index.es-BkfTJV0A.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index.es-BkfTJV0A.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=aeVRXiVV_XglOYxn3IsQtYWFanXjdIQph_mM_KJX3kw-1776950253.3839371-1.0.1.1-.O3FaMZsofjB6CORNatPOeXNK2MPFnm5dxxXLx.KnNRgJ3tJjRN5aTOtqi7y96zbStAz1dF4Yr44xl2bqCc6TtipK93Dh4F8Q7XiPovFBMQZy4JVCSAXcdPB4M5SGDPI; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ggSwgl%2B1eVItmSu%2FZ7Js%2BGiptEZdj7Rkws0DW4%2Fd2agwPF6VMYfGnizB4akwQilG%2BweANXCBIrumT3yY0B2n7yZLyMrPjqq9IXDx0sao1uO6YWU90pxJtwn8ann22xb5Y2yDag%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262b5eeb56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48930), with LF, NEL line terminators","md5":"d4c0f6a13779520ec62c334d9a90e979","sha1":"9548896524faf8ebec9ce02845ce970dc03dc90e","sha256":"45866419629e89bf36ca8f0b1b7f4743bc1f24a31d2a062dcf1a5b8382084fbd","sha512":"50d9425898af77456bb5f63e653af1f715c00e4cc96d2ede6e26af65d3d3420edc38e1029d22b8d0d61b6cdbee1e194af586a1935e05e3af6ebf4f467fda6dad","ssdeep":"3072:bzCw7+KZdQZvC7VXKAMJtSu7XUYK9u6IN+8P1jXJphlzfl8FnN1Nd6UBh:bz77jdUC7sJJMcXUYis/ljSFN1Nd6UBh","tlshash":"1954098472a6f57503d665a4943f2642f2395c64b00c806cf6acfcdebdac449a63bf78","first_seen":"2026-04-23T13:18:15.318701Z","last_seen":"2026-04-23T13:18:15.318701Z","times_seen":1,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/MarketTypeFilter-DYMtYos5.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/MarketTypeFilter-DYMtYos5.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=PdqiJutizj_6FQcu7SKcbl1iWEs3C1uibPwbqVOxN04-1776950254.878068-1.0.1.1-qpOReYM.fm0DbdrbaLOB_AGYEYB6kWyfLsod.eKo9gmc08br0oZZet.StMVgR_pKBrCDDSeHO3goh4UFEZcLike_Wv6T9brNcaVkf1C3C1zKNGzrcomipjZRYHfr5.tT; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ePOFEewjtwl44umiZADbEllDGL%2FYdwTylt3ATGaHY%2FrkDQFfKL68AOwkAHNOr%2FZ5KOp%2FrXrpBdXo5QO3XS5nB4EaaXhmB61zSYwYG7brNZhlXTmUSM9nmJbbH1N2hDqQIXziaQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634ab6256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":868,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (867)","md5":"7074c405da51af2784c9d5ce70baf5cc","sha1":"efbe41e54689d7f18787107761834b149899441a","sha256":"cb8b582f9ed6b75c9bc799db63a35da824375198dc5b44900528598979aa3e3d","sha512":"1d5c5426845c3d7d5fc07c38b32d15116e3c041d8d6b644c4daa6caaf9d5d5b3fc06ab7967c185207c9ada9d4735e41d6ffb5772564485e220223a826337c6ae","ssdeep":"","tlshash":"af11e345f744e3fcf23b1dc8c56d481853110a989b3946e1e02d1e950765585622ee4a","first_seen":"2026-04-21T12:24:48.883577Z","last_seen":"2026-04-23T13:21:42.120068Z","times_seen":4,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SwipeableContainer-X9GPeX0n.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SwipeableContainer-X9GPeX0n.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=WDVBNsiMtg4dW3wbJJ1pHb39YyCqGRxi71QYZTc75cc-1776950254.8982553-1.0.1.1-Ob4ouSt_QoWlkxxRqxel95YajymEy0QXrCSJdWWp4si5TL6bPKZn9KdxqcIwPOGLBb5901_ixU0zVv51g1dBgG1hYedFNCIRy1gMjD8_kSLtic1W_84q9lm3.sySrHBe; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YVbPTux%2FGBa4Vrf0B80ABrA46S8QYoNU4BX9njYo5214SiMB3BaHBxvw%2Fg2rucy96SKOP5fhAXRsxZPSfHra1V25pl7wvSZPQspONIQHfxsqDx8TqttexiyKtAlLRwI1iegypw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb6d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1865)","md5":"256cf910e286cf87d48005f99e79550f","sha1":"10ca9c0a456f565d7bed48eec780a225518d4554","sha256":"90a8f7a1c77844b10286a533a15e2917a6604d76bce574d27e972b178fc7a35c","sha512":"cc85a7c142d992f8b4943d85cb539c22165fad970cfd28dc0c0e6d10cebbd964c371c7102a76ac09bec8b209cc533a85158c9785e4ae8639be6efbaebb24a65b","ssdeep":"","tlshash":"b9318746d03aea74f623045a92998468b77b73a0f60909e4b07c4d28d73529df30efc7","first_seen":"2026-04-21T12:24:48.98619Z","last_seen":"2026-04-23T13:21:42.151562Z","times_seen":4,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/header.json?v=04/21/2026-12:07","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /header.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:33 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=9s3FDJzaTCQtoaNjvOuoObnDcsPBR8XKSpjEOIr.ygU-1776950253.6607168-1.0.1.1-p.rz1QdBfFjqWRkEirw5FJXkUIWUOeC5OV6CSUiNyNWJ3VF3ZBD9pmjYK1xbUOj2Db15sS901ddmjoJz6Nzqqwwaq3gYuOULWwwmietwnhFPi3z8hglHJFcbIvVGDdlV; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gQE%2Fb80TXGw6Rg21U7QQxb%2BQs7wVfqZjRHPiVuJfN0hk0Q5hJrSEpsHYwBRHUmPLZs43r9TFH2opSKlSaEhD6%2BFX4mR2%2BcTnsm7uzyGVkpKbhKUeBhdl01t4csbWkd8tDFsnQg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262d091f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4fbc119c5c8514e3587fdfa01f205866","sha1":"a396d7f127ee203b471f1a7e507184318e74163d","sha256":"10279aa2fbd66a0c0140d4b4cf9a39b0c9bd14b18bb35f1bd6eb26eab355b9d9","sha512":"9eef97111b2474b705b496860ecd29c7c591ddcb79887d755e5ea7bcf2d578a68bbecdc54ce4f11954f679ff2b8b5cf060da8cd4287a78a1fc3a92fdfc6125b7","ssdeep":"","tlshash":"cdd0a73aec10da7073a0c413c18067801140e514d644485c9cddea5a93dd7891180b67","first_seen":"2025-12-24T22:39:16.192168Z","last_seen":"2026-04-23T13:40:26.070858Z","times_seen":48,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-DiFR-VGp.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254443; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xgRRFOqVRdzYrphBg9tynPEIgnyFOOqREHGX1qD8Kqs-1776950254.6011426-1.0.1.1-mWX8wM7jMlzjiCgCpzBy6uAyiCYFrfdDgroqHn_KvT9MHSiIHf5H24i_tGs61QhlnD1WPslWPYD8kZaBifmgq.Ol9Uzo0NPeywKmDNV6eps.chslGNSeEcNxjqVzHLaY; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m1hUjfhaYLcI%2Fv0tNUcfvmv1CJcUrYBBqMorotbsqoGrW1wd5JQ1A6ml2O1wPZbKBRuv0kdhAy1aSMxj9C2ysAcuPuc1T7YxNLaIQYTxwHBax2ACOvSi8%2BOg6qxy38esb8SXzA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2632e8dc56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":5753,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5752)","md5":"662484a9e667070db18823ff53b74cfc","sha1":"571d6d3704bba2b40e58651c46b5fb38bea0e5fd","sha256":"6cb2ea96a78963ca6aba1a9e89ea6b0be508e1faeedccacef2b9dbaa3574b63c","sha512":"b82e64eafd094f3830102431c8e6fb9d3c87c2374e52c2e0ec429979474e34ba0f9d800dce8bc58cebcaffe0290a66129fe19a904517a84ac49d0be8be979402","ssdeep":"96:jNfsm5Ty1jTATH913jmbw34aBlX2Z0FmWoeCtpi+3vieNMaxttM7zJ2d:jNUnjembw3Dj26FmheCt33aN1q","tlshash":"acc1650bf017f7fce8ac48b2416ed10e3b2d1ba9972141e4d0ad09281b6c855f769f9a","first_seen":"2026-04-21T12:24:48.937201Z","last_seen":"2026-04-23T13:21:42.233704Z","times_seen":4,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/rubik/Rubik-Regular.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:30.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/rubik/Rubik-Regular.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:30 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 65016\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-fdf8\"\r\nexpires: Thu, 23 Apr 2026 13:43:19 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 2051\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=oktTGEaK95chDMrzv2cfq8Igu.CgQPud3EVheO5zXEA-1776950250.793517-1.0.1.1-GSQuOZsMc258HN5uX.eZLpfwg5OE7DbdyDIbF49T4QEpS9K3YF5kELMNtKhKC0jlYHMwY39x4g.scbPnAXOntMItt6QKnchBzUjwj0YsRfKbI0_kdLWClZc1MbpyM39n; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QVBWSw6bIAm8tqGXM63UuTBzAoYZrlOkq1LYLMHAL4j7kouhvpPoKYAhZOvRiaOks4iWdLm%2F4Xb2XDbpTU3fdTOdttNlCuuWlw4HIZWP4Yfpmw5Hfev%2F8cbrU8GKZ4VmhyzzsA%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d261a49c556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":65016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 65016, version 1.0","md5":"8337ad8d3b81dfebdda8672beb48193a","sha1":"e4c2689401e0b7a102a7e7d2de80ef4d00113ebf","sha256":"5a1334fe02cae3435260fb5a1cec196d3d6727943cf3e8d41404f996bb3654d7","sha512":"e2a2cc53ba800532793a338f0b1ab6fb335a4f7797fad5c70ea41ddfbb87289f631998e4c539c097f9d45b08228dc5692386d4ed1fee5d7fc27c96c2acfa051c","ssdeep":"1536:fcgmTURFnEYA8sMb4NUfaJOpe2G62dP2ZTCKWCz:fcgmTUzEQfCkpZ2sZ2Kbz","tlshash":"13530212124e446cb0a8d1f2fa73b5b3a46fd92f4677986c7a4e75046ee08531c82edb","first_seen":"2025-11-27T17:13:28.640443Z","last_seen":"2026-04-23T13:40:25.946117Z","times_seen":26,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GoogleTagManagerTracking-CdCbiusO.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-CdCbiusO.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HGq1MJLBmarxqBtuxGrB3OQZAOGAakcPqRzjh9fMAm8-1776950253.7831273-1.0.1.1-3ZV1fF5bqSHH9UzVhgsJvmV20DNDSgyuHQrS90KI7sTCeF_pLhOrZaPEAuBEygwPi8gX.3exB4pevXqPPd1H5AdL9RACm7QI59b4xbkufA9G3.vDjNex3WDtJnEbqKfy; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FVlrp%2BCQa%2BFcShXr%2FPknu0Bdg1VwJhMEBlNg4TkT41Gwa1gh%2Fxwnoj%2FgxnAm4wsCQ1ZbjVmu6vFKVu4ug42u08lYK%2FVl8PS224Z4IX4ix2JbJHG7Uj9M0nEjbFk2h%2BqeW04bPQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dda3d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":21773,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (20471)","md5":"5d9e93426ec57249fd88745e9754c532","sha1":"529a3ec4a06dca386a2993fef6d4cebac1491cb7","sha256":"9e37d98b3fb5dc90d44ad81bb553aca186d59be34d2517a3991be1595feafcee","sha512":"14b18f8a2e347b10614046f90e1b5b3c8c76c4f2faabbd918ec2c2ff7ac7a177776ada8f413921475991ddee5179b971df31b6aade5a4d3d2f2374fdbea1e53e","ssdeep":"384:wbiHYqBlsFPDVPoZVe5mze5IiWVyoxJUJF+FOndK3pqyuQNJg1F0TQOmJNwizwTr:oi4yKtoZVeo66iWVyov8MFOndKqyuQN3","tlshash":"12a2bac7f9a548a0b5bd1fe81fc2528635b1b69af49144707c9e7c0c223cc4ef2b5a69","first_seen":"2026-04-23T13:18:15.323347Z","last_seen":"2026-04-23T13:21:42.153679Z","times_seen":2,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-7941cc06.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"09a6b2a4fc1400ec37c1115e6aa1670f\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265cdd07b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53530,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (53411)","md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-04-23T18:11:58.702593Z","times_seen":28824,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-By9i3a2L.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:29.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-By9i3a2L.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:30 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:42 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2328\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=BV5hsbjG7BaDxCtjOajwyBPIpAOcOReS6iLgq55w5TA-1776950250.1271627-1.0.1.1-6X91turlQO9WpG2tEmNXRQ6hXw0L5k6JlZzCkaPc6aOC.YB3n3869KP4TU_MAk4kKJvknFDZaDUoG8Z.TB5xKEFBMIHDM5XMSm1eMQUCpz6hdFZKtQGRn24cD1UwQkv0; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rfmzgbx5ekzsYjqiwGsG2DBa2Vjvov7JPwpmOCTf%2BDz9V2s28ZVjbOhqU9SXuXuUICe9P8w1Tv3j762d4S0vj9FjIvcvs3hwlJbCX0dTiuelDZF5nCSOYT1sdAykyBmRV8Vtzw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d26162c5356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1137774,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (24532)","md5":"a5ef39b4b1955bbaa9d8931914abdbf6","sha1":"c6c4c2baecc68a96de72fa8e7f9df86e6fe922dc","sha256":"fb4f76fec46a321c0f7917703ccb22032259b175f7661e3e4bde4d870e65d627","sha512":"c6e08aa3c34683d424bc2856268c145932ec399bb0f0f0211e146fdd8ff24d3b7c4d0a9fca85ba081fd6d9a5007a2bce05b2eb3dbc29282e7b6ea38ed03755e9","ssdeep":"24576:lVo+1lCzwqTwWJPwgi2DwWTgExZPq4WhcKD:lVo+1lCzwqcWJPwgi2DwWTgExZPq4Wh3","tlshash":"2c257d85b155b87997b709e564af0102b1391e00f44cc460f67cedae29b9809a3bbffd","first_seen":"2026-04-23T13:18:15.270664Z","last_seen":"2026-04-23T13:21:42.184813Z","times_seen":2,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":268,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/dynamicallyStructuredPages.json?v=1776950100000","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /dynamicallyStructuredPages.json?v=1776950100000 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=LIIpcxCKMhrSqQhVGdMHp5qXlspsnbSWEmJOuSRRKIs-1776950251.5515296-1.0.1.1-gJ2FUh9EcsHGxiBWgi.Oh.vy.W3cS7E7wKqCECFvzMsBEysPVwQ41nY3nq5RM_z48_PORq.fqyh9cR5U62zS0JU4Q.1UPGHeMMgSerNow.z7Dj1jIVZ_8ZfMEM6ezoMS; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wXsD%2BUGMnE7AEmcl7z8v2z0NpsFhQqu2v5WgrGEtXpXS8eOYCCKNiYYZc9mgXMdWXZpYITfyTAvbzdQtE88QZKwCGjbKogSE2KXycat9mEHPOcxYr%2BZWkKqrM5sH3WR%2FX4MImg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d261f083456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":764,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"61ff5ed77b867ea7b436a21eb8e5ab4e","sha1":"91488963a9157554638375ada821c4bb44b12dd2","sha256":"8329002355bc98821e6757dc86bd87104c3f79ab3fa48db2435c5d3baf0ec870","sha512":"e93a660a89166b2b4f17735c7ed67f95b3b333006596634a735da5159f605181c8a74bffe6924a82feef888aea5bab127c2aaf77685cd27efbd0d71b9d888456","ssdeep":"","tlshash":"2001493d3c10ceb4f7a08862d58167809992e576c7880c5c2cdeeb19c3ad24e1441b7b","first_seen":"2025-05-24T17:16:20.011585Z","last_seen":"2026-04-23T13:40:26.096204Z","times_seen":2476,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListItemStats-BXlmppzY.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListItemStats-BXlmppzY.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=LQZry3gbQ2QyheDongOWt5YEA3WhSgNdg816_xIHbjw-1776950254.140502-1.0.1.1-uNmmdoNsgyRmyWVvLH1UF2IFpzkvp.a83r4z4w83OqlMeqvCjfaPAnPT7CQzIEeI9Y0Otqdcsghpbd2HDiMzh0_h6xdXMfhGfESKV5fhAecOl1qCF5SHap9GvfgBneZ8; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cl6ll2fbc143fWj42sWcLABiYuDkf4z8lBgX%2BCdpTtFtWoog6pGV370CyzaSAN987d1aVc82xYvGDwSWfSOXI%2Fbfvz60dQkhl6Yk1AfoAUCsHsJnQ5f6smSNNlG6E84%2B2pZolA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26300d2256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":4429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3870)","md5":"5a6ad4919fb9e228ca0e1d839135878b","sha1":"7bc35eed27701315327f9b369ed74d92e7473911","sha256":"c88bc939f2174cf36b70cfef1f47432681161624ec76321a8f91aa62c701a279","sha512":"5ff28aaf23042d2f240d46fff8c7632a2b09356f3400d0093ad4651d1453d9be7abb4bde81f3c6a0f8176d866f13fb2964bf2d8b002ea6a7bc4aa0990102c9c9","ssdeep":"48:jOrkT/A1GF51Nf7/89lCgIGl5SLsK8vCK5Jx5fTYyx7XgxYzm9/L8umGus665LQj:j9A6Nf7/8jC6SoK8vCKfxay9iua8kQP","tlshash":"a791a69150745bad753d0cad659faa00205a072cee58caead5bd1f2e326c04e7337f74","first_seen":"2026-04-21T12:24:48.941466Z","last_seen":"2026-04-23T13:21:42.114814Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/withPanelButton-CZMGiM-x.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/withPanelButton-CZMGiM-x.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/BetslipButton-kdf82NBZ.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254227; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=T7wbrBErx6EaWtXKGnh8TSxkc8RipUHSeQqCEu1kOcI-1776950254.4201083-1.0.1.1-Wfsad.ZTtTkyVW0k7Gw5ypC0Lq4ivP9MnohVp8yXQDVb5wtiSIbd64CaqAMLV.KwW6ao9l2wyEMvrpQMaRxfkskBwYQcGBVLr.Tlfug8TzoFTNuzajTnqRvV3p7YsBcB; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ny2P%2B40HiO9MiPOUFcjrVjZaGc2TDmhx6wleW1CFw1sjnZNTR9aOYaJx5Pl1kBpMLx4J%2FbrMPY5q4fsYtHJtP2vXiH1cL6a9dg1Klizy19xAkcXifwH1ESaYqeKFQ8HYHMYWrw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631df4456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"f4d15b1bfd3e75dde9577068cfe0fd2d","sha1":"77654457476f7caf254ef7bb2b5f00f7ceb41661","sha256":"ce48c81643016988a5bd0dd25411546e92cb88e93a881fbb28be7e848fdd93f0","sha512":"e412e91e3edc4c462aebcb09787ab705a6681ee081ed314be4347d7952e6e2e26237e5a46b93a69a00da19a53ec04c4684986be9a6db16e56d8d61d66eae2a78","ssdeep":"","tlshash":"d21112f4f580a9b2f4c41088577b2cb6319f32cadce1049021b6c8e91ff9448965e9af","first_seen":"2026-04-21T12:24:48.867057Z","last_seen":"2026-04-23T13:21:42.140256Z","times_seen":4,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FavoriteGamesContent-Dih0wve2.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-Dih0wve2.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=5cM.34p9Wsbw3jftJtxnMGYZlqDicZ_.Iv0UkEcNI1E-1776950254.811453-1.0.1.1-Ch83vCcCnnGJbAHCLcRRG60Y_Kbx_FyqGQbrqsV4qyxSpa9B.7oDI4IfDfYGa98qWHPM1wqllnKaEml9MP6VqlLL5qzY_kCPeAIwlcMJFIsM8u0O5f396t8kqNu3MJgu; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fODO3RfY%2FoJK2vXMFWOh6bbi3%2BL19FUspKGQUvGWG%2BS3obiK9MemUZrbT0zCknhzn1BlSGbemFw9RRquQRMr9Ywsoae110XXx8O%2FL85SGpFfVzr5e3JD7%2BJH8Dwg16U%2FNYUQOw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2633ba2156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":3155,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1734)","md5":"908b6f08461acca2709ec911c51197d7","sha1":"888cf903783b8dd923aad19acd1eb664291a7891","sha256":"0f950782f65e4b79ef1b137414bdf3b8ecc50182087346bcbb50663d509c7077","sha512":"191364915a5ca76736f37b7c6b11eb165567184fb9e5a3e84eec324e41c7f32687ef026ccf2f82159e37549795a72c5508dd6d1234f5f4498e131f70ba17b33b","ssdeep":"","tlshash":"d651761101009fedba9eadd92e5bc1a054f6078c6155c62ead785f7e302da407137ff9","first_seen":"2026-04-21T12:24:48.915813Z","last_seen":"2026-04-23T13:21:42.192845Z","times_seen":4,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Odometer-BwyieHyx.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Odometer-BwyieHyx.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AScijLCvMnrsbpaHdPEbE8JpQi83nDhh4hk8WgqP2Q0dVORaGaIVIuxNIzoDdGHZgJvF4V9vpNyJPbdUKsA7kc7eUzOrw103kulS3fbeuUB%2FszSjxsggjUfEGmuJ0stCbO9M2oo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb8c56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/TabItem-BzmBdnmn.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/TabItem-BzmBdnmn.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/CasinoTopWinnersWidget-V5-R6cR2.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AR1XInrbjGUtwe6%2Fz8shDnE8Bkwx3XCHQ3cVad27L%2Fi9YUoj31n9dtL%2BP2OR6CkpGu2GC3qp2mxZyPM0Odku7m7iQFXs5zulDCa75Qcg%2Bj86M60N5VmaLj5f3DlbtQbpgi6dOHg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb8856b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/tr-BJOLX3p9.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/tr-BJOLX3p9.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Vou0Vjs2HNwesEVzolycCTfVGYcSSOMG0TtsDGl59Io-1776950252.4364245-1.0.1.1-W08u64k5nbfTskKfU4X_8cX4LQCAZg0oibicC7i.2FcNu1Fx1b_M3R8rfka.5nT6nf5b4Rb2D363avJCC5Tq9maQ2_Y3CcHdMqPK0X.jkDmbjgFpPn_wBSysQVE4UDCf; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qTU2699fyv4zAn%2BfSLPBTd8U1M4Lt%2Fk4VUUj999RFEGOrbYU1LVwJ2CiQSbV0q6gqjdWL1GllSv8KYrh%2BUM1E3z%2Fw6%2Bi2G0tK9QVtc5WqAgZIpBc7QzLRYM21oPnP%2BdzgqkClQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26247eec56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"848dac39aeadc83e3e3db257768fc109","sha1":"70882ae65034895049706536f339a84a05a38681","sha256":"4f7f017d03e2ca9f07d08eca3090c1bdff99623e91bb0e5dbb1f63be1f4456ab","sha512":"558018a24b150f92bbfaec01d53da786ffcacc01f08edeb4e434a13c6fcb2249a6bbbe058ddfb9295247187fe024ee8fd2e00ec5f5979fc2692fd2d1840aef04","ssdeep":"","tlshash":"9a31728d2946ebf28b011887cc2f4f04f81c2a187035f6605ba0c461ba709ee807ef3d","first_seen":"2026-04-21T12:24:49.066623Z","last_seen":"2026-04-23T13:21:42.206211Z","times_seen":4,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f0d2633bd2756aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":443896,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0c7cf51ae6549c10173059592b98adf6","sha1":"21b2e1ee5d6b6222e881701258b6cbd09c235b6a","sha256":"642880207c728644f64fbe4acbbe3a110e13b40f996ea7244a3a2a069d18a5b9","sha512":"69bb90152d3bc54058896667507fc3e27ff00577249770c49633ad035dea9dac9edf7a0eb9c0175ea4fd00da6d21fa8806928eac9d5f2b18dcb06d661395c8be","ssdeep":"3072:bnVMpaZB9ZbVITZyYA5vrAdZ7GlAMIDl3g4Wcmvu7IHkFQ7DWgkI:L+uBLVIgh4WHu7VQ2I","tlshash":"959444bb8f848e5b1b280bc9212d3d6c99de298bcbc55df6f1c0cf1844f4ab92315566","first_seen":"2026-04-21T12:24:49.085823Z","last_seen":"2026-04-23T13:40:25.984388Z","times_seen":13,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":50,"dns":22,"connect":3,"send":0,"wait":67,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListItemTeams-CEtT3dwF.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListItemTeams-CEtT3dwF.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=qEOPq86aTXY1cgxNBULL.92_ZmrnJzmhSdoEvIZ8bUA-1776950254.8947825-1.0.1.1-7xsyqvuDJZvaiYdPrYniS8zxbr96NqdqGqtia2Da5oRbXjGRzA1AnwJ_AvwOeC6YT5UWg2kGv3GoS92zzaUPAB2cAkjQX5xE96pqSIJRAr2ClxJKHdNVJLQ5RWCBlKVi; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cvN3GtDDy48%2F%2BzjXc6YINYWl4u5j%2B89P16xPJwOUy6AAU7fMEZTf%2BnvFSIQ1dY4HLC7GhPQdcWPeIQ57VsPGJC8ommcfQpLBRF60uMC5t9jp3wDQY45t4eqZaVrmbQA%2FupbMNg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb7556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1599)","md5":"7cb2f48f38bfb0279904944386f1e2a7","sha1":"cf32f17c46b46eb301ca9c2532b6031f4bb374af","sha256":"331931960cb4393acd95f6f05ca57031fba28c8c78128b7cb87fcfe24c398b64","sha512":"e3b54febb38accafd50c414d77c3af83f5ff80bfac64243a41227cabb853ecb339ec8fc5bca335340b409b3b3b1789d651b44502501507af2756f604d766c444","ssdeep":"","tlshash":"f431e089f020eef5f9514cecd97d4622b11a0e96cf7846d1e12d9b341a34116b31aeae","first_seen":"2026-04-21T12:24:49.053198Z","last_seen":"2026-04-23T13:21:42.168338Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/WagmiConf-D709ykut.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/WagmiConf-D709ykut.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2329\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=7QNx0p5dSiYoPp80HEvuDLbyvWCzSHZ4rW6gejhhGYY-1776950252.7998013-1.0.1.1-hD8CCtLH2dR.d8.nzwTN1eOo4FR.Go3rtcuS4Fpiiu1S4G2579MMIue761bHBTQCjl1LG.9FWY6IZv6M7AcItrAkmw.CvdmCseOqcotnnHtvDbR_jovrATtCFntW3bof; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b%2BW%2FgvK8L02ZQ%2B9O98oWAK4Vnx2sHDfsDBGBpzZJZXzltxOsa6FOQthotNgqkDec96rZPdgBRfeY4j%2B%2BXqS95eK6KIVXui2P6XZybNH5xfIYz4Jy0MbGgQw2KWPAQGF0vTY%2Fjw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2626d9ba56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":100979,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48215)","md5":"2bc1cff1b4a88fcb7d6d511ae355aa96","sha1":"563de1fda53d30945b4e8745cb90e639ec4ee8e4","sha256":"4eff938056fa9f0de8c26d57aa0ab88a57c0855dcaf7c7369a0ff21a2e960fc6","sha512":"357be7810700745a6117be7eaa66f2439f05e435cefd3c7bb812a17f40816a600494b4f8dafa95ea9a844a6b2729d6f29bf2c035878ac6f0079801a690259df1","ssdeep":"1536:o2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPfAV:ZCaSlx5xG7NU+WEy1bP4v1K/XGd","tlshash":"39a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-04-21T12:24:49.089926Z","last_seen":"2026-04-23T13:21:42.232076Z","times_seen":4,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index.es-BkfTJV0A.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index.es-BkfTJV0A.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253281; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=1CVwawY1zfm9d6bzZzplcIAWJ0HOvkIoL0RkuR1kCLU-1776950253.7218666-1.0.1.1-om24d7Zaq68hkdMa7tZlbu_gxqwhzEoMY1jac5_dNNqyXwmY09uKgLob3tYc0rVl8nDQr538tgoqt3m30TvlQ4TQmtoWMLw1Ki40Mj_UFQHRgqDHfAULY.fOQckl4EZK; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p8oAf4o2y5%2F8RSmiT4rP%2FQzm5epgvVcfOEZJ29H%2F4Ws1vO0doFC9kw88yu0ERKilh4ETKrXRR%2FuP7EMUDjq4Ic3CibR%2Bl87uQPCUNpI9Fc7P2vkdwlQ10x0ieKM9vOsN5%2BdKNA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262b6ef556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49514)","md5":"14273a4e1f174468d9ad125d59fdbf95","sha1":"323ac744c931566d8324a88ebd619c69cabede1b","sha256":"497891c74b3d2f85ae305a4055fd2110ba81387895c6feb67338cc8b454f963b","sha512":"5e3ca72b4b96d9e498548295a2251fbdbfc8ce1bfe4e8bf503e340d06aafcea34b03aba178a2ae5597460018280f8783663549fb0a57c5dc072f67fff4e85619","ssdeep":"3072:bzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UBh:bz77jdU/7sJJMcvYisoljSFN1Nd6UBh","tlshash":"ad54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","first_seen":"2026-04-21T12:24:49.049849Z","last_seen":"2026-04-23T13:21:42.155821Z","times_seen":4,"resource_available":true,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/useOpenLiveChat-C_aqfNmB.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/useOpenLiveChat-C_aqfNmB.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=PpYw0Zct.1BwM1QdJ79IFegbyxSjkzHl2rPHVQBICz0-1776950253.9283378-1.0.1.1-Hl_52wTuzSarEFe.SfsL.psNGNmJcd1XEN5LmEJnSFNposYEmIrQ0aXFME7aC.qBMMPu8QJOTntMGdZe3W9ozcmy1HHegQwzJYitBvKapf0R0BEGI2eyqr_F9NL43wok; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h5rm8%2BH%2FmklP5Rlt6nz30Z%2Fm1RqubdfVO42uczSDMuJW6WTbEKYgx4d1dtGijMX67Ng4oa5G6HPKZJIasVbSE%2B3GVHG0vtODXlZ%2FzkDlxtbvQUDsCaLCoLITIm6Vxd2EO5BGHw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dea5256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"b05dfb053febdb85be596bac72b4862a","sha1":"05e34092259cc0bd17a16f95ce919d1687186383","sha256":"e057e75f9b6a8f950c34f20a901597768538f90750bdf6c9aa5e2766f1a6e5ed","sha512":"270b643403c3db3d4d5d86f4b8585a7a6abd2b0e16018c9ac98eeab83f48775059117acd45ea51a1cd5d93532df6d36110e0525784c7932522e8cdc2b2f78e51","ssdeep":"","tlshash":"fff0e19a4154ae7cc0c08ec1501ba5f85b3927a4740dc842683f7cca6864c0586fa847","first_seen":"2026-04-21T12:24:48.870088Z","last_seen":"2026-04-23T13:21:42.13906Z","times_seen":4,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListCompetition-CDufXTne.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListCompetition-CDufXTne.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=U82EVfYXo2zc7LFWBwqFpw0ubcVe27SIn1zsESdav0A-1776950254.2659836-1.0.1.1-BJMTEJEGpavAs02wzHYBoydNyFaJqpuIF0e8aUbg1CaXUVnqquxgO3pj3jNDdhcckD6dyRnsF2J36ygC0nctunDKWYtsmgX4xl28CNFvANAkFCLp7akwsNIdzjAz.UGA; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9DYQ1Q3GIKP07%2BB4YtUQrLdmBnD4HAxYhVCvoVer9Ub7hy6hzUgGKq6DpjH7GAnBbf4wku9sI9YGRwAjab4YmGKk6sXGRT3MjIxi%2By%2FQQxk%2Bt%2BmIKMjuu3IfLNZCsg3Vas81iw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26300d2856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":167,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"cece9291e7e9a4b3d0ef3ba4b6ef0c46","sha1":"63e5889fce2617a81f38546d664e3f7fc63ed119","sha256":"8decca4ccfb6045463a8d709a6b02a8fe5b190a5b9ff71da64faa9fddce8c399","sha512":"c3b4296a20d2ecdd0e4efa985b818d53dc390004dfec6b01cd759209798a2a80a50812d4189be2a0e93fb197808dbd948128a1dcd6f9c52d36b006b40593e3a2","ssdeep":"","tlshash":"96c08c0684659bf9a91719e28b69a4421132853efaf48ad0c07486158e34aaae40ee9e","first_seen":"2026-04-21T12:24:48.975891Z","last_seen":"2026-04-23T13:21:42.128538Z","times_seen":4,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f0d26339d0f56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4368,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1594744c430c14575dd987b06663f8af","sha1":"6ae3a00b9045083fc80dba950b908f9e7513e211","sha256":"db922d127c83813e54ac9a7e4fb61318bdc34765fde199edd3859da07f9b1a04","sha512":"6dbc4888f6eb430e5c148b063707a5488e01f7a4ffef184ac67db37cb847c0d69eff429b0c1bd3122ca4b1594229d6f4f600497011a876d5ddaada4d1fb9569f","ssdeep":"96:nNSNbh/YiOQxX+1A2teUB7SOMVMrhIa1WUqrZurozkhLQtwN:8OQVqfhSPbUK6J0i","tlshash":"ec9110b79f444a5e2b2407c9702d3e9c855e250bcbc09ceaf0c0cf2984f9eb967559a6","first_seen":"2026-02-01T05:09:11.282943Z","last_seen":"2026-04-23T13:40:26.071462Z","times_seen":187,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":40,"dns":24,"connect":1,"send":0,"wait":77,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-chunk-vendors.js?v=bc48296 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 14 Apr 2026 15:09:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: CNXe3DU2FEFHgpmxoo2VSt9O8EMF60CQ\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gIqClsyEKUCqz5%2Fq1V3yAsACaptbQaVVcg4wHLsH0sSN6MAfH3BiifHbkoOXoyY8grBo78qbMpkgfJaxtru%2BCqF%2BaSQZXk%2FXCGIhBTXfIZSi%2BECBQN4akWN7XV2nsyPF1gityA0vAk%2F7Envi9W566U0%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1ad6d29ff66cbe7838d3a30dae2f9382.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: HjYmbkaTwEZoQfuXbKGm_Vm3o4l9QIUYE2WcHea3Z4XwsVD_Fki_Dw==\r\nage: 2158\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"914072ababccf9be7ab6560f2b73e2b8\"\r\ncontent-encoding: br\r\ncf-ray: 9f0d2636ec51b500-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1880992,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (37482)","md5":"ab6829453184d168f60ad87cb317a479","sha1":"8793961d7cfc1f975b0004925ecb1b06d2a73ed3","sha256":"b6284ca1c291c1480a652c9273330648c0c77919725f49ca8c51ae3a0d2bc9f3","sha512":"8f8571daae9cf5373405429017b605bee1b854685f60a12bdb206a7d018572b750d78d3bb0f0730c70d43718ec75cd232d4313cdd573dbb00fd476eb5de4d69d","ssdeep":"12288:+iV5uogEvtEvvEvtEvNs3wHg9quyqXjb7EqGDeuPqK3c8WsIJyZmoJwCFaFIFSA3:puoOsAHgfyqXEZFJTIPgKzYJRr","tlshash":"3335a488299ff7500597e0e7e02b1d08d22eca35f847a4409fb2dbb36a72356d36de15","first_seen":"2026-04-20T06:00:31.850411Z","last_seen":"2026-04-23T13:18:15.332198Z","times_seen":3,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":32,"dns":3,"connect":1,"send":0,"wait":63,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/img.png","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabet.winwingames.io/","date":"2026-04-23T13:17:35.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /img.png HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 23 Apr 2026 13:17:36 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DAXPFrgvz8yD63wPDFKir6f64dMwX3zNJHs0Csyff94UJ%2FniaTSWlHr6EjGsUfduHy0x%2FhE5E0ZyrEPhAGMz0beccuvDPzl1w1ADBoSoeVhlVYmQ3iVTqOrMZVzwwoLRJQHbPH%2F90T2g\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9f0d263bbf03dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29644,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"2ad3a45d82e0940f4c3dc90088721bdd","sha1":"a85bbcda89334914c332b2315aa94f32c843c867","sha256":"bdeff9d8a5ad9b3cb7dcfe91fe91080359bc5a836d18d2f78e1d308c412d87b5","sha512":"06a4f493c0b3fe9ca7ecbf17347ce0aab1e3447c4c62e2876b945fd13f40140cdf11b66e8a799492d8709ba21ccd90c54c7c5f446370bbc7e2579d0b0477360f","ssdeep":"768:VQRzoYMic5jrKBzf/csKDh/GxEsBJWnO2iPRvzLsiWY:KpMVjOzcPVOKJn1iPRHx","tlshash":"3ed2e12fe1997b7a550136f649372eb5124b0e5a54c3f878c31c68a8c217b08cef5ab9","first_seen":"2025-12-24T22:39:16.249591Z","last_seen":"2026-04-23T13:40:25.997226Z","times_seen":49,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":213,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/walletConnect-CiycSUBb.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253080; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=TDl9KuYPczwark0NVZwO7EcxCYT6nOwCB1Ly66TXM18-1776950253.152059-1.0.1.1-Fnf5YLExvRUsxY0vPxoAcV7VfX46BEyK8v4MqkybnrFaEGYz4TXqjDAadhEAubCehTDAR.Kj4AAAP87JfoAGNdupuFp5idRz8gDT1a0P9yIMVeYj1pTe93K.locuvdsA; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iQUBdtskcUUkLf0I%2BtY%2BtJ2IL6gmYnjS9HVK4QdfqCHOomZ22ySvwPzPBzh68uWLadgfZ0NGO8b4fMFrCDu2%2FpHHdlHg0Olc%2BKbmJosFwH%2BAhf%2BUODejtN%2BL7favVtI0BHH4Kw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2629ed3d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-04-23T13:40:26.073528Z","times_seen":1607,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/UnavailableMarketEvent-CYfp4pDc.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-CYfp4pDc.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=c.1XjKN7ng5AKnsZvWNOpOgjYx_GzswztGcqhW8jSss-1776950254.2639654-1.0.1.1-sRtOPIQHNHHLFULU2V8Po1BYJz7WJoJyELhaQ41ruqpZBYRJVKTBP6nG0PHbhj25SYslj65uBDTK6bukyD9DUhGZC_jxtoXSyZn9UkUBxgMc..rdPiUwcOlOAxAQS8lb; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TxMAU88r2Y%2Bn6mG3pkXdP2Thz8AECmedEFCYsWxH5P88mSMVQPwrB6l1K6Tz1AwLWwgLH8eGz%2FpGURRy045bA5COmOLssL0LKJd5C4lXF%2BmH1Ah3QfCNpnYtX8eHKCRzOAYlLw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fecf456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"301b968db5a1b6c70ef45f96a70caee7","sha1":"af0ad681fa2065e8e6fc3de5be1bb8bda7c32aae","sha256":"ccc3b33c3b33fb19d13f76b0790ee81c1ff29d5aca03f7a0093e100de40fa405","sha512":"244dbca0ebc897e9105bf0be8f0d97267cf9ec27d0d0d3313109bfdf2892c75bbc7031a49e17dfb6d251c76ffd8e9dbabd80f3d8821c3ea4aab452f28fdf7845","ssdeep":"","tlshash":"6ee086096104bbfad5261cc8ce3a4b49511206a5c7a949d395a910281b34265350ae9a","first_seen":"2026-04-21T12:24:48.997389Z","last_seen":"2026-04-23T13:21:42.132252Z","times_seen":4,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\ncontent-length: 2651\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=EPcuUkiduleotG6yXB9qTp5EOYwgXaqiWHu0rA2TK9E-1776950254.4168036-1.0.1.1-Xj4PpfPZRqSo61w1nBxlsS1Pobl7ju.LhuRlQ_9lJrKhhBwHpiHozebRehtGCBvLM3xg646LjtEFE7qFuZeemdnkphk0.L73yr2GhnV.mwDB8h4hVg4yydjwq.JQ5ZRq; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gGARwZno8nV2lFM%2BGuiVcvEtFOyopyiizMwgL1E3m%2BdRYkkwZhQ4m8zeVogujka1kiZLMEnrSvgRyWs1NKuopMkfF%2By36wARniH2pse%2FVx621LpZTxHVth%2BbsncTrC1LO66AmnI3R4X9\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631af0f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":12937,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (12839), with no line terminators","md5":"749a1194834ebd8ba577137d49c7c0e8","sha1":"dc93165713ea2551f3f70ece9b850901c94bfc51","sha256":"9044c1f660fbd9a1591413de2075ae95f584d9486018e85fc4bc0a5090132a14","sha512":"4701e781b6b4ed3e2a07011e08a6a467aa89266f8820af70bc4cf9f197a25a4fc3659bbbb9630d0a73c55f0e948e9f03d6791a32397386f29ec8c97fb6b031c9","ssdeep":"384:J95ZzIwuu4Q8YqhQYwsC07OTGe0UZQFfIpxCbN1xg1eZtZDD5Y5zhsDZvoXC2G:P3s0tvqyBjCkhlOVw0BzwmtJ1g1Wl6ZG","tlshash":"0342ef23b02dd9ba5b443b40b4c3394ac9dd5486dc0e9a70dd458f8d92ea62ec6e33d7","first_seen":"2026-04-23T13:18:15.33423Z","last_seen":"2026-04-23T13:21:42.223288Z","times_seen":2,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/getLiveGameAdditionalInfo-Bn5y1a93.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-Bn5y1a93.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=BkWIRi4RGhLoR9yCGd4rM5Z4_V3o94pL6.fT4UJZOSo-1776950254.111001-1.0.1.1-zM.rYPs6N36KDRGXj1uTfabMowcywXgENKev6izObHwYW_SOafX_nEhux7bDIu3.P8NdAKi88NVjbOXKbynFh0DM38H7_FDOAmFo1VNO1A4.jI8FPZ2w3TB3xd.OQway; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KsD8irav1xzoyhKdCAI0m%2FAF%2BBSov7r3WZDPek5DPHk4QwZxAf8Y7vQ9p3MNg5auEpUXmBu4EjdAkpWeNau2sCJ9xtM7boXhZODXfM5AE1tG3v7gwVU9RjnQgUr4TWOKmCjvQg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fece656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"8b743c5d72844c3db6164a2a1f684358","sha1":"e2b4e8733e2d176b5e0f2b2b3189221f475c421b","sha256":"dfa7b4b99866043001b4c7d477256cedac63f2e95dcf2308cde374d13111915f","sha512":"d78cfc2f29330f3f33bfcac2be9a20e7b9a0b56054ac138d2642499694c9a8db4595fba66f2a20cf63ffc93129110474f6c7926dcc35dc20fe332f78cee67654","ssdeep":"","tlshash":"e82114b6606e92bfb5da4d945ab01b31a2b5ba09394445ccbb3cc9091977484a7e203a","first_seen":"2026-04-21T12:24:48.897175Z","last_seen":"2026-04-23T13:21:42.164014Z","times_seen":4,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListCompetition-CDufXTne.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListCompetition-CDufXTne.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=_h9wLN4clPw4x5SE8gapD75XZGglf_xYdtEpZQ8_F2k-1776950254.894295-1.0.1.1-VunQXIPmlgP436EeEHQtpH6_xPE5_p8RYDxsYsZcn0B8K.hacF7A4HtxUf0ACffYStFY4Fx6lJ6p3VKWAsZmpkgX5_2pIRb9CYcuV9lGij1uDiRWmMRDHBUiSYGTlHa1; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YpBWje%2FFmYWvynySNyJLBfGZBTLwdU3tozTG%2Bafj30AXpPSUJp8oJbxvFyc4lDua%2FbtJz3Fu97LTWREDeia4M2O3EnqHIGqYDgW4Kq76e%2BFpwhq51rW%2Fx7IxqxgF6RVG%2BVOaaw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634cb7d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":167,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"cece9291e7e9a4b3d0ef3ba4b6ef0c46","sha1":"63e5889fce2617a81f38546d664e3f7fc63ed119","sha256":"8decca4ccfb6045463a8d709a6b02a8fe5b190a5b9ff71da64faa9fddce8c399","sha512":"c3b4296a20d2ecdd0e4efa985b818d53dc390004dfec6b01cd759209798a2a80a50812d4189be2a0e93fb197808dbd948128a1dcd6f9c52d36b006b40593e3a2","ssdeep":"","tlshash":"96c08c0684659bf9a91719e28b69a4421132853efaf48ad0c07486158e34aaae40ee9e","first_seen":"2026-04-21T12:24:48.975891Z","last_seen":"2026-04-23T13:21:42.128538Z","times_seen":4,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/LiveGamesWidget-iPe0Z4pg.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=35rfGx9P20p5bbZiqw_cPnAtx2BLv.IjJXEPoGvdo34-1776950254.2625148-1.0.1.1-9b49NKqMAb98NznIlHyxEr8YZ6kS_C4.RzLEzmfPQQZDKA73ta5.GYz9fpjQDXd_BYVnC5XciNlJDrtLUkT4Tbcy9_rOfep7Al1VjEfzG3tjeSATUteDvmZF8itvBGl2; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TU%2Bi6kAELXDJWVFowP4%2BbTczoOnf%2FUrmEiCIM9AtBODP7OrqEompcYBkoYNJ5%2BleYt2QMFR5604TLU%2FlH6SWD%2BI8zCDnocuI3M4S5JuafZydttDk4nbVIsejdSccUbwu3PQlnA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd0a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4060)","md5":"80c5d38349d2a6ed139d7c30262a07ee","sha1":"833fc61ce17f6130d18c3c7abc82897d611d4d5a","sha256":"bc6d5f152dd941af45d0155fdf80ded6632abd487f9251935f811f88ac156ce4","sha512":"fce1ac12abdc334ab0816baed265ed3d09a0f8c73f950269a883f2f6627a734b48da6f036cdd85cd46b438788a50143b8cfb13c733162cb171d2e77d9391dbea","ssdeep":"","tlshash":"fe81e887d0b891fd642e8ce8f1a4d2500a322a95d7b14710f1de0739136c299f61ef6e","first_seen":"2026-04-21T12:24:48.877327Z","last_seen":"2026-04-23T13:21:42.129705Z","times_seen":4,"resource_available":true,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/events-1g1c6Kmi.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/events-1g1c6Kmi.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index.es-BkfTJV0A.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254227; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=GlnoLI_HUaTGqzEprQugFqSJaaBM.9L3c1ev_BiFYwY-1776950254.4479468-1.0.1.1-tQlkP3CynbOS_9NzIM0MP.vgBwTTGJ9L4PkvCXBoGCKqlTDn26Va2jO1xjYj3zG3_AAD1usJwRIFtnIg6S27lDDNY9n1s27nzqKBbQIGLREXccIs9jLiR.PLgb6sKuik; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ce6FC4OM75dlWWDmkfysWyKZgU7XRPQlhLW%2FSKzi4IYoCC0EvyABEBd6mjEx%2Byp6NLDechA8q%2F1UE7rGAxpdiZ374yBOsFEk9%2FM9pwZwxE3cwui8rxOqPy5RpuYVvZ8HWsGfaQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631ff7956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"36da527a5cac4a34d0db7d9918e99fc5","sha1":"988fbe6bd49724f3c91089eb7d83d308c4c17230","sha256":"4550eb4e481ccfdee74d71d76d9e2331e2130a517aaebc1390016833a135d95f","sha512":"82f8ef57a5a79e627ee3585fa432fdbbfc8a8519c454b30a2b3602e9eb4eb0a8bec36663b1bf75327e7af4cdb3d3f6b93d7c6b16bef2329b7769cafc00a76499","ssdeep":"96:rd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:r3IM2sWMtBq6n3PzH","tlshash":"b3c143ccb38574b013e7e3abb07f520bf134a598740c5108b61aecf9696bd9a4126f78","first_seen":"2026-04-21T12:24:49.042921Z","last_seen":"2026-04-23T13:21:42.135149Z","times_seen":4,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-Pd1BUwU6.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-Pd1BUwU6.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=LedKg74NQKwu8Ok_nktWCuVVHWwEsOR_4C1eMFFR.xY-1776950254.7207696-1.0.1.1-4kjJHVy85neqvfxhKXPzESaeetLqAqOInkiqjs8V6tf1U66sFKb5QCCgLjQHmymb1ivHlh0plOqtMEbrIThD51gTd4B56TgVqlk34qBR6KD96AB_8Cm.k93rUxHEQEqF; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I2JejZVkJ22I9nb4d3oa%2FSUBc0YI9cPRZ9xNYvBSZPGvVr%2BC4QK5nGAgQRxnRBgdi%2B7yeJzBXCIxXol75xvtedpoBGDopKv7T%2BFzjQglsNGIWB7jxoZlR1B7teXYDEgeXnhQ%2BA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2633ba1f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"47c51419dd5562f5792c0c7dc42e742e","sha1":"e204e73bc9976ac330b6eaf057843e350226728d","sha256":"4737ce990a50bb36d1cc20cace204ae3b3fc533c1d322dfbacba962c916b91a8","sha512":"331a871e9de89557ede808f0b73caa9342921b6c15421b8a413c0cc4433554e253d34dfa36e5eb7c780b3e4aa644263d8178d1ade25f9f3f4bc2248baf8e2fca","ssdeep":"","tlshash":"515132cba042e7f4bfe708e6819b10b074378d5cfe1b449092be58964958752e36bf4d","first_seen":"2026-04-21T12:24:49.051938Z","last_seen":"2026-04-23T13:21:42.230897Z","times_seen":4,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SportsGroup__platform-l0sNRNKZ.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SportsGroup__platform-l0sNRNKZ.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=SoFg71CIlXUGv_P2mRvFTec5GlLUKBLyu47Vjc7.2rE-1776950254.8888133-1.0.1.1-lvdWDuZhF3z.JM1.8GPBxii1yw35FjVInKbZZTS4xO8ocgInbAWkKEr0QdXXlh6QGmiljHyDQao9t_LDCP4nS8oYAd.f6XAUrtD_2CXZVFEXrzsRyeEXLg0qxEve4A6v; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RcAyebu4fQq8udNSX58RwOVzGyVUlE6nCXCZzm4IZheLNlT8cxndiN8tWS36gdtfJjosLjoAj2z%2B2mU257z%2BgLVzk%2B%2BZBcQOlLaCXyTnmW05kXxMe3vK80T00pI0j%2BF904Ekow%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb6b56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-23T17:16:20.046784Z","times_seen":191820,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0c8092.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"8e1fd56881e603bfea6cc93c10b24bc6\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265ced09b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5261,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5261), with no line terminators","md5":"8e1fd56881e603bfea6cc93c10b24bc6","sha1":"faad055fe1c9f8973ee196f6f2516b5330da3eb4","sha256":"b633712a574025a2652d96a1661f7df6f46d1d078e91afe33bf807b67d8eea1b","sha512":"8f806f63b4b03f201b864bdd05c93bcdf03295f77c698f4f78c5bcbbafc01e56cd440eadcae08f880c9c23ef4792cade6f4bcbb4d6a1ca630f3d8f674c364fdf","ssdeep":"96:zNC9Hqt7pEma7hY/rcKAJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYKLRIvgx43nVY","tlshash":"e1b1859af247b456c156225150ef3b1df33a281ca61ccdc4a66965f218784cba077b39","first_seen":"2026-04-21T04:02:24.321466Z","last_seen":"2026-04-23T17:55:40.603243Z","times_seen":694,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Firebase-CifH36fp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Firebase-CifH36fp.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=83kj95NXzA4j.sxaa0yo_D74te8pXIIwq_x0tHtUn3c-1776950254.0369782-1.0.1.1-JVg1f8fQD8AsDGqozA9mOhSOVTEC9Jc1HAJ4j7k0EPcZ9e_rCu79wfXzcbGZJBEMJVl3yvTimmsJQCcigCVKuPQ_RBo6LIORn4T8.cvuYGx6C_rFbPZ8tfdDkZiXFjDr; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r1r4Ia10hmkhk2eoffrCzxA5C%2F5qDeTWEQ658KTxGFeoGhfB0VUjMu4E35B%2B1rHA5gkhlBeqB5KlRPS2TJ15kF27Eju5OiW4LYSewRXQARj%2ByPfS3wOQAgWPOUIcMVjYSHRlzQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dea5c56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"d23df4ffc78896569b07187cf4a48d32","sha1":"e273ad423a635ff19510aaa37ac6463bb6c1a27e","sha256":"e25409253f5c5bc35aec45ef960561be1d9c89c60bfde100b52a181bc11c0e18","sha512":"f636a22cab13b3cbc6ef726f2561a4e2f15526b44fb3f07a97e1109ef0013af95d9ab3167b6328523599f7f106c36634ffd2548d1c454c4892dab846dc5c093b","ssdeep":"1536:H4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Hs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"cc83957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-04-21T12:24:48.879237Z","last_seen":"2026-04-23T13:21:42.200059Z","times_seen":4,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GoogleAnalyticsTracking-KNUPbQw3.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-KNUPbQw3.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=NdSncFHcyPYjnpwzwva4NRpUcbYsynrZi0zVvK_u154-1776950254.0545228-1.0.1.1-ibTZzidDm5DLDUWtgr.CSy3GX.7qiZjlkmFGNgkpxbqt5oDgoKSnkkEsOOe.gmTi.4hDCN57dhLIj9dFt9P5naFtLw1GdILkyLPSpEGXCNfy.E3PBGuphR4goiqW8P0c; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MI0jDeFCFcybymLFVPi5FcgJtOuYmTHaRoyEeFr9c8ZQg1dc2Nx%2FUJagi9x9cIJqe%2Fw6eka%2BzaiZBs6favnuaDAOOxilFYhp2cqFuVA5LYVG1vWMiCmtyFxAGBoE1k3TDBt4mg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262e0a7d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":13706,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10210)","md5":"55bab6325a5888c90cb320027d1f1674","sha1":"f4b5521240341ca8b7868c02ca44d6e52c4bfa01","sha256":"0e621617c4fad30c06041e2a9753a330e3afb517dc0121e2885ac32d6280f48b","sha512":"568e913d1d6e906d1e67c4c9fc922f7dc21af1761e839c4e0fcfc49baa2b3c88701169d96af31c89021f9c32e8fda6c2e60081c1995c7c2128aba5c71994957d","ssdeep":"192:QWYceR0SE+m/CTb3bHXCT76hYMGE0VK7D6L7kBNrnPsh52tJz2PM7mBE:xYcoE/CzClEP3BkS2PdBE","tlshash":"e552b55c32adb0b682df6054587f720bf1755910a458f480a275edf46ef8cae02abf36","first_seen":"2026-04-23T13:18:15.267749Z","last_seen":"2026-04-23T13:21:42.132957Z","times_seen":2,"resource_available":true,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn./tracking.js","fqdn":"cdn.","domain":"cdn.","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.888Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /tracking.js HTTP/1.1\r\nHost: cdn.\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-Regular.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-Regular.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950255167; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 72024\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-11958\"\r\nexpires: Thu, 23 Apr 2026 13:47:02 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1833\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=YjnIz5SWhXX81FWIvUL.REEtJQboR1BKk3Bc6Rhd8yg-1776950255.2411351-1.0.1.1-UIQf.oJshyrxAPiW3k1EDPBmIN3TyCsjSo097_Zr7OjiyvyoYGq05CiYkFUQKLJjYEZBNFyZgtfyG0Xhok25s7gYSz.oEx5eyesTbDFfD78BuLe7w8_wtiTAwBPn9RxT; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GwVAuQL8q2DlSq9rL5MBDgBI2jgBHXA5R4J8daFxesXHFt21nyXCPkWYmTjJMtD8jQL4D0VLy0egMJ5SovSvxkyxWtHnt8MeyLJ1PAAXizEnezjNRP3I%2B7xA84PehdLingmM1Q%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2636fe4e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":72024,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72024, version 1.0","md5":"30c281e94eab37286ff7770f3e51858b","sha1":"7a5cc673f005e9f384e322f8fde4795b0f750778","sha256":"c4a69a0b671392fe569ef74b4a59e0d2e769837ae59beb3944ac72ea240912c5","sha512":"d5b0686a2dce238f2c825169a19f0425fccdf6fe2d6d4e3704a02f618ea96bf1e0827c158b63b221dfd1f35094f4a420abab4ebf984f9993c6a080ea44b3d2a2","ssdeep":"1536:Y/pXAWA65c5JbaWR/9Al5ceizufFxY4lcWVZGDULZu8uqO1:apn54BREjCuvY4lRaK1uq8","tlshash":"3e6302c4ae4f1bccfd67d5add8859e6a1b8ef1b09320106de3119721ef4b403b3692a1","first_seen":"2026-04-05T07:31:10.87701Z","last_seen":"2026-04-23T13:40:26.067161Z","times_seen":22,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/events-1g1c6Kmi.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/events-1g1c6Kmi.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=4xVGlTETmlxjqdbtpGD5haze2S9Nc0wIMaGvimYu6AM-1776950253.5169282-1.0.1.1-Dv4l5_BHj8gplEhf9aUBWmDFv6PfXxpJN3W1i0.q1Pbynmsllr4kBMy9zcIju4RE1dN6vAS.RK73rpeQKlGdLsZ.6kuD0.H2Hh.1ozo8E5aNGULrN.Kox1LdmKzAgwVu; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vf9Ww96KZoT7btm7BtlMTUuNDA5nQRJ6ar6qN4wODL5efjJRyqkZ5xF%2FCdFzeemJ6BDjrJ7jskxlZgVLYl2OkXwN7D55LVWloPvJ7ZKydgFcFXcjc184hO0zBFeFDIRMwwTwTg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262b5ef056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"36da527a5cac4a34d0db7d9918e99fc5","sha1":"988fbe6bd49724f3c91089eb7d83d308c4c17230","sha256":"4550eb4e481ccfdee74d71d76d9e2331e2130a517aaebc1390016833a135d95f","sha512":"82f8ef57a5a79e627ee3585fa432fdbbfc8a8519c454b30a2b3602e9eb4eb0a8bec36663b1bf75327e7af4cdb3d3f6b93d7c6b16bef2329b7769cafc00a76499","ssdeep":"96:rd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:r3IM2sWMtBq6n3PzH","tlshash":"b3c143ccb38574b013e7e3abb07f520bf134a598740c5108b61aecf9696bd9a4126f78","first_seen":"2026-04-21T12:24:49.042921Z","last_seen":"2026-04-23T13:21:42.135149Z","times_seen":4,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SportsGroup-B_tOjaA7.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SportsGroup-B_tOjaA7.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=JDycb94VhGfnYYgCit7hzpdMUxCpo4XIujf1FtShH_A-1776950254.8798833-1.0.1.1-8dTvcyvMnNDaML8s4bIJ2215OcCGIk3uMmCY.xNpj2ayqP9vdzO3NmASkhoX.dTBbPZbD.WR2s7O7rZ2wOPyPpTa56b6qDmZ8B.IQWqTIHpZJqhdyFSTD5bwRIad_eAA; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i5BOQLLH8QOsJY%2BLjwQdfgRiGlA6kYB8bGMEnW6K3SQWl0SXX0MuO3dFoXV25WpjMSxSNANyXXdMQKvq1OWypd2iGL%2Fdoqe3pDNvmtyLbdywoDiiova3yj0qUqS0BxzdSAAKXw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb6756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":639,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (638)","md5":"b503b50fa0f771bc1dd1b8be6de93220","sha1":"af0d2d427f35c4fd11d6ccc32ad58fa113c84590","sha256":"753f8c285d79eeab5cf0a8feff56252e7dc57beb58b9bb0670c242b4e9b0fe91","sha512":"41d1a4f85c75421df1a00af94c477cf11967be5e8f48985ee33639765106afe7688246d7d358bd5a876eff97606ef43cc58284437662f7c33794bc2ecd9807a8","ssdeep":"","tlshash":"8ff07d04e034ebbcd53b09c1969e0418305e0a74eaae09e3d0fd193aba780d57a4efdd","first_seen":"2026-04-21T12:24:49.006572Z","last_seen":"2026-04-23T13:21:42.142013Z","times_seen":4,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Notifications-w2cxzdeU.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Notifications-w2cxzdeU.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=nHCVnzWO71Qt90.GvplhJjkaWR06AlDTzUlC1jJ7oM0-1776950254.8854976-1.0.1.1-i6sqBnuVKQjZk8Ovbl1B0ebVgwCqGdEa9AkwcdH813gqW3J_2InlyNbb_g1SqVYcw.8X3mNA88zqiLPKNJxXjeoItFXIHtf.8F1wYgUrp7lN7O_V4Vp7_o44NURM6wl7; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=54l7VUy0Y3paYjAZBJfCwKzzIMoBnOVLYOmAB7lvEUM%2BsNKXmAd798eIz5hq12%2F0FgDdNSzxCoaE2XBL2oi410Jl9nQudSY1Z9Kr7M32yc%2BIDzSXyoWboaujBKPeMs2daeRIdQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb7156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1112,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1111)","md5":"1daf003af42fec8d9b9896dcc6f6d3ce","sha1":"d4b08dd14ef567f8d8aaefa2416515655f18fd33","sha256":"327a7a6d6a1d59e3cc8e1687f32e8152027ea7b7a71f9c000a978e673ad988af","sha512":"fdfecf058159d80e76a6018f3172ddd0c46c47519a1163c01973e969d2c4ccc962ee1a68c6c0921150910f3b7a098f02e02f1314b53315e69b16cb9ecdc29dd9","ssdeep":"","tlshash":"652163df6082dafc292148f6432b2a32703708587939481602fb1d2036acb0ad65fe8d","first_seen":"2026-04-21T12:24:48.92823Z","last_seen":"2026-04-23T13:21:42.172413Z","times_seen":4,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-bucket.gallabet1075.com/configs/d212f7f1f16e55d50593214ba05a0f99.js","fqdn":"dataspot-bucket.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /configs/d212f7f1f16e55d50593214ba05a0f99.js HTTP/1.1\r\nHost: dataspot-bucket.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 7429\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9f0d26379ef956b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"dataspot-bucket.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"POST /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 180\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":180,"data":"{\"p\":\"67f6eba3c3ea8019132be7be\",\"w\":\"1ioe8gtih\",\"platform\":\"desktop\",\"tzo\":0,\"url\":\"https://m.gallabet1075.com/\",\"vss\":\"\",\"consent\":false,\"wss\":\"min\",\"uik\":\"9AxeCG34XPE2PQUeWh0cX\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-05kz\r\naccess-control-allow-origin: https://m.gallabet1075.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9f0d263a4bc05685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1041,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0063ecace499870c88699b1b6dcd58d0","sha1":"b75cfdf86354b71dd55b918ff9f6d6ff8874c805","sha256":"848a631074f6a494fa667ee900a4fdbd7688c5213f7061467bd87dd0bd7945f1","sha512":"3d5e46813337cd1f1dd98a16eed41f19d4c50fb596f2a20fd9074aa1b65a9c239e2d68b38d3bc8cc4bb082eacea43c521f2733a4cfb6484d6d9810a721053317","ssdeep":"","tlshash":"8a11a819299f2d5e2653556e0ed92e2813cc4be1b5d84c6cf4e2ce4d349476e2482cb1","first_seen":"2026-04-23T13:18:15.34104Z","last_seen":"2026-04-23T13:18:15.34104Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5492,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5437,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-2d224aff.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"4e42f0fadb3d2018d982139dbc5a9af2\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265cbcffb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18392,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18392), with no line terminators","md5":"4e42f0fadb3d2018d982139dbc5a9af2","sha1":"d12184ccaab5502bc156c188c297f86645558c01","sha256":"e161173c1acd3f82e0a41546fb7b2f376e79f8c27961f80d4461d62e95c079cf","sha512":"e90584ce35254420922b8419185fba82b84092230827ba7d5ce318b574ca4955d6088ab40101198b0e709f2eccf2856e276ac91ca2a63bf9e38f4fb6063dbb18","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCRGN//h6LiJq:SzP2D3SLi8","tlshash":"f2822ba6f149311bc925c751605f2228b33b19a9fa1ece7df2745cf245a8cc2906af3d","first_seen":"2026-04-21T04:02:24.316925Z","last_seen":"2026-04-23T17:55:40.610669Z","times_seen":694,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/menus/header_menu_751_tur.json","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /menus/header_menu_751_tur.json HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253281; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:33 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=cQmvR86bJl5RG9f8WEjYfQoycspKobyCVRcgtg306qo-1776950253.402101-1.0.1.1-7vTvfYnOnsQkHVGztVFEn2HFuvWRgJVuPSCyFpYNoWfFLDcDqQas1c9NAKgvm6DzbRfwNQRFsbr1O4e6CHYEwXK7bckiA1fv1Nipouy.3dPnp74g4kHn_jPRbxVPuNv8; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TLmuReVKrYxrxqgNjl0oFnqDWuPMRpMy4bpkXw8cEI4rDmSymTx7ME01DWswnel3paWeaR27d4rklnbz49pZMrxUyHBmRV5mtZpWggwgpNKatNuJ9EuU99z%2BXU2a%2FJygo8W3Qw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262b7f0a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16361,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (16337), with no line terminators","md5":"1fcf1e2dc37eb2f467aa7fb24b0bd788","sha1":"17b4e8439c54d9c10e0724f0c2def028035f70e5","sha256":"8073685891167c0367af27c89676c4b9d3b2140aab4cb7219525adea8b8c78e2","sha512":"028f491dd4edfd2d4f3dd5fd7b3f3ba79dc31e65453ce5833d712d1c5d66420c7dcf42aade050d51a2894738e630c663ba8d866a482e07485f598a7b8f1a47df","ssdeep":"384:Mcw+PO9HzZS33bQgevgCnNTiAO2Ba3r0pm+x1A7TEN7VIE+jKeluWqc0F:Mcw+PO9HzZS33bQgAgCnoAO2Ba3r0pm8","tlshash":"73721702f01d59b6d3183e007cc7ad5b98cd509d6c9d4940ad4d8acecbd94af8eca6eb","first_seen":"2026-04-21T12:24:49.060798Z","last_seen":"2026-04-23T13:21:42.241959Z","times_seen":4,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SportsGroup-B_tOjaA7.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SportsGroup-B_tOjaA7.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=_TkqdhV4Qp6QS4V2HIdWdLRqQjPv3Xp4iiy9YRAs.sU-1776950254.2655168-1.0.1.1-rVzNJXXp7TTlaCmzDganK9oduPLkgYdcmZXdm6kDYb28ZLNwdJWFaaBMbDj.cJc_2rE9M.OdHEOmS0vrnsm8kS8LkPWof5I4zAMXBMhCh6_RftyLb1S8OoHMxQduHqM2; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Uiail6dJYBpRkOMVMFEVaLBIqtFiquvepaarFSF3rRXCa0rbrya2ITvxBBKOtcFl6EwKl%2FPeQcTlNV%2FCVhOvjwquq2270t5klFUaM9ByVq%2B8Lahd4uXIk6XspVk9532vd2OdbA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd1156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":639,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (638)","md5":"b503b50fa0f771bc1dd1b8be6de93220","sha1":"af0d2d427f35c4fd11d6ccc32ad58fa113c84590","sha256":"753f8c285d79eeab5cf0a8feff56252e7dc57beb58b9bb0670c242b4e9b0fe91","sha512":"41d1a4f85c75421df1a00af94c477cf11967be5e8f48985ee33639765106afe7688246d7d358bd5a876eff97606ef43cc58284437662f7c33794bc2ecd9807a8","ssdeep":"","tlshash":"8ff07d04e034ebbcd53b09c1969e0418305e0a74eaae09e3d0fd193aba780d57a4efdd","first_seen":"2026-04-21T12:24:49.006572Z","last_seen":"2026-04-23T13:21:42.142013Z","times_seen":4,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/jackpot-jNbP6Duk.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7%2BKnii10PAx6Y4JoouLIOe%2FPocoOHbq4DuSp8oWmhjGruUA6r6vaCmf7iWZZN5taErcsxEwE0WwwDedRWa2EgP2XAAmv5GhpTgaB80cjWN18pIHA%2FEnQ%2BM6UxCSnEkAviC20uYk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb8b56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1688\r\ncf-ray: 9f0d2635df0b56aa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEA-Bw7H9k1gZltgcL-Suew9FfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=690+4 c=0+4 v=2024.10.6 l=1688 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1688,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2bffc4df749e3b8f1d0890df22f4bc77","sha1":"ec3033a449dcff239808409c5d96d388a661ea37","sha256":"c7cc404018e711a83cdb04a08a5c5a12f54d1612b3d3cef12a0b7721fccd4465","sha512":"0ef53d6b15c58647ec9f81e562dbda560cd9f6287abf9d07b5e791db37b97879aa57c86637f7213ff127d4d10e4b8528ffc5368e085d8179d18524a4d506a649","ssdeep":"","tlshash":"cb311a52b99510c943825527eff4cd41971398270f3c61734161247349694b22df02d4","first_seen":"2025-01-28T05:59:32.01912Z","last_seen":"2026-04-23T13:21:42.173885Z","times_seen":1587,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":461,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-23T13:17:29.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:29 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=2,cfOrigin;dur=43\r\nexpires: Thu, 23 Apr 2026 14:17:29 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ycH1x2Qnf5%2BjQX4nBV8F3gcwx8b9SrCMz0JoapzGHMDNL7EUMtPgMgruZhx1Ztv1QJU7NqO5Xcs3W4mrbUqA2behOrSj2qUEd%2B87rrBNNj6TuylzM5vBa%2FrB5SPot2BW3f%2FfWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nset-cookie: SERVERID=s2; path=/\n__cf_bm=q.hnkVRdyauaH4ki9e9Nkf_TbzvwjfEY.OdnXUwHaZs-1776950249.6728365-1.0.1.1-.jp38zdwRy5ncqp0yl9VYwQPvs3dM9pUs5bhaPe15zKE81Lz7BJtioWDNBvAS_HgAuW3KSn2AO_LFwJDmJfTHNlPvIQ6jQSVJJ6Sq.9ViT4eGKgieSdkVLW8HaQFCgD9; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:29 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-ray: 9f0d26136bd8c272-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4437,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (636)","md5":"88eeeb832e386acfe2e7aa0b417a486d","sha1":"73c24347ea2069285f8e1a67b2a379b953a62753","sha256":"58dee0effb47c73fc0d756039c53dfa49c41c694880cd47182f72f2ecec7f697","sha512":"4b0163591bb8306aea0f2cb23c9e6dd9c9d04e99b497630055233544c8ee465f18cc21ba029f4c744a2952d8b4610c5c9b2e477415595f945b4a4d4fac7d0c25","ssdeep":"96:KV5FNiMDCfqDVMpKqpKNpK2+6RwLWKKqgq:KVrNi/ypO2hRUzPgq","tlshash":"e19175571910f82c122545b8b5d2f80ccf61b54bcb05ace174aea6ad2fc4bd58df346a","first_seen":"2026-04-23T13:18:15.344904Z","last_seen":"2026-04-23T13:21:42.094994Z","times_seen":2,"resource_available":true,"data":null}},"time_used":353,"timings":{"blocked":36,"dns":17,"connect":1,"send":0,"wait":281,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FacebookTracking-Di526DTV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FacebookTracking-Di526DTV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=1K8QmzVsK7RMuSTSK0.RtqW7pvQUruj8..XP3GjENbQ-1776950253.7856371-1.0.1.1-jnFE6h1XMQKj7An.zosyZj4HKsLwb5ETqGeWf3B_yBsqgtV6F.tU8zeT87BJYXtUBG4UfKx0v1CFiuyoH5YaMvnQ9uKxaYF5Vhl3Ero_qbyJUkmGGSnn2D4H4CuL2yqa; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xpcHIr4LCFfBKIf7jYIrw6udctNEkAFINLl3RyEP2resHNqW%2Fll0CZo4hcX8sQ7vF4cg862N04vP76tFbS3l0eLeiMHnPrGy8XzmRtZp1kioNucHXl%2B3DzFz4sykH1jyq9osxg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dda3556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"1677c6d581eb780d31f16f54c87e7ef5","sha1":"cd18535059a569b9022672f896bb65a8079607c1","sha256":"c489bb95a03794f6e8af73883c3bad9f5a8095a9783421a209ca13ce31218da6","sha512":"66d41df0d890ca306b642c0b3f50c996aa4a562686627e35ce47c169dae512993f10ec0007c7ef2376b40d38b5b517a2b9c5119a5ceae2aaa82497c5a1fc8ec5","ssdeep":"","tlshash":"6401fe0f2c45b47d267c18b8d3bfd81426ba590e2a8b4595c6c789b9263454a40cef8d","first_seen":"2026-04-21T12:24:49.081384Z","last_seen":"2026-04-23T13:21:42.206901Z","times_seen":4,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SwipeableContainer.BGvxD8Ys.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SwipeableContainer.BGvxD8Ys.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=KJEBKYn6EL.u_vz1dLiDJPd.367KLPh4ctM39XxN6Xw-1776950254.1579926-1.0.1.1-mJm2mjB1DAGpQvtcm6uzrwcOAT0hv9BI0y6X9qM86XKL5aEbuBAkJSOS67gnP3n0Qq6p4JluyfhApqesp0S2HkDdpRHfETRXa8_jLvzufumxQuHw76lieTFg_WDjRFoF; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JY3jcUBwSyjUpFHaQ5yZjk4kVjxkNjb44ZSy%2FAIfPH2asilpZChpBHs4Lokt10XpyUIuOU08UtF8Dkrz4LHTMi%2BvUiUwDlDD2RQjLNrzF6Ap69z8r6MsPYizRSHnO%2FWB8n%2Fmhg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c1956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1833,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1832)","md5":"639c15dfba86f88b79bd3270e784ab95","sha1":"98caf793faaca4ef94b39a65d315eadd89edc449","sha256":"881a88d3e934410159792afe20616ea9aa03fc6aebf7c3a29feda37a78b5fb93","sha512":"556b83ee5cd37491b0bf7ec6730d353b5abb3aabc670f1ace3e0b491064b3e0b83ff05ca29b42455b01fb0ddc33f4510d073ce780b7fb4f300c7a98ee54e2f29","ssdeep":"","tlshash":"2a312144cf450039bbe2223f99cc8df80a18d9b3ea314d8f76c59886c6e255937beb55","first_seen":"2026-02-22T15:27:55.467958Z","last_seen":"2026-04-23T13:21:42.113161Z","times_seen":50,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FeaturedGames-DWwns83P.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FeaturedGames-DWwns83P.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=WctVQt6LNHgzs3KSYhZWv70F0NcoXMXD4M_NYphLceE-1776950254.2380793-1.0.1.1-LU7R8yPcJuHjNwBPTsbbWWzJhqmTX90FLNQ25a_Mf9asqta1r.ih75CGmwLheP4DrCFzbzHr7kJQJJ0vCIVliddG0Y0BdXPnca_zlMJVl7zPr_Ztv9K66S2uKLCnM3Yc; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2BZMfofla%2FuhLwqYEiRQAEOLUkoy4NU5coh%2FDUA%2Bp8Oe9pcdD0ST748gZUpuxohmzRzs2Rm02j%2FteMoKLyhs4Zq5Bxb3M7EBP3Tb5As1lUmvlyjPyCAZn2A0cZMldEeIMcxpsg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fccbf56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":7902,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7901)","md5":"bcfddfb5689ff1c2391259b2f348992c","sha1":"ccb1572c067373494366fb079f2fd90fd898db07","sha256":"50b6bb1d3eb822aa4fc92de52882f9c26159a5376b6bbd24f54e76eff0551203","sha512":"776eb0edb6ce0b236714cf9b2d4153f65bde3c9fe57ead2163122cf7fbaf425b896bf2562c4d72750f762886b555d5eb3dee7a4ff03bd95cd4247b60ca87f302","ssdeep":"192://E3f6HZEUDkH92wlLcoWhCWOJmMwL4Bflg2yjTl:kyHZsH0wlLc/h6S2C5","tlshash":"40f1e90ae010b67de57b49e7b13f5508f47a0ad0e7190c90d0be2d2919e9246733ef8b","first_seen":"2026-04-21T12:24:48.910669Z","last_seen":"2026-04-23T13:21:42.12532Z","times_seen":4,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.blocked-domain.invalid/gtag/js?id=G-MCEY36CK22","fqdn":"www.blocked-domain.invalid","domain":"www.blocked-domain.invalid","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.568Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gtag/js?id=G-MCEY36CK22 HTTP/1.1\r\nHost: www.blocked-domain.invalid\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-Pd1BUwU6.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-Pd1BUwU6.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=YoAPZYtIWIfS4Fjm2enY.g0kbmsTT7W3xnTM7JBC.HI-1776950254.9235234-1.0.1.1-ZlFl9TPEpXjRbiXIyFpwLjDdr9CU_L6o18Mp5YXaCWHWJmQMQ5wrChP2pMKQQKVGvYrxw__0wxikynwvtDsDjg7IXLFCnGCA8kvYG7kS3.LIovgbVbFbhbqUc.qVkhEi; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wvI7cfCFSLl%2Fq5ZyglNfA2x5hzzhsDdCqImDXgvsHmz4rtSfeRESukxFK5EFC%2BzZGShC7VxTqosdZcFuLM%2FNjupmHj9OUqHtQgjFHu0GxNCYEH6ZvpiJSBNaLzU4ZImDgk7Ayg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634fbcb56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"47c51419dd5562f5792c0c7dc42e742e","sha1":"e204e73bc9976ac330b6eaf057843e350226728d","sha256":"4737ce990a50bb36d1cc20cace204ae3b3fc533c1d322dfbacba962c916b91a8","sha512":"331a871e9de89557ede808f0b73caa9342921b6c15421b8a413c0cc4433554e253d34dfa36e5eb7c780b3e4aa644263d8178d1ade25f9f3f4bc2248baf8e2fca","ssdeep":"","tlshash":"515132cba042e7f4bfe708e6819b10b074378d5cfe1b449092be58964958752e36bf4d","first_seen":"2026-04-21T12:24:49.051938Z","last_seen":"2026-04-23T13:21:42.230897Z","times_seen":4,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-2d0d2b7c.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"8c2091a992e4303600967e53388cb5c8\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265cbcfeb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10918,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10918), with no line terminators","md5":"8c2091a992e4303600967e53388cb5c8","sha1":"70cb06404a117829d3c53f5890077f5ff82957c9","sha256":"52edf640b5358d2e388d34d85bae2bf9973c26383165c4187da4e98b7703233a","sha512":"4d379fa96658dead5908f119d36ff91db8ec34d145fad5888370bd681ec575615351eaa0336fba48e4ad102b84e07881286bb1a958ec15ac36f86677de149d15","ssdeep":"192:0CFny7CpmYbZTxcwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mCTZTJr40v0GF/LvV4hwsR","tlshash":"9332a6b7e0a1107ea316871c106fa610f61f6c8ab2561da5ba7ab46f900ddcfc065f7c","first_seen":"2026-04-21T04:02:24.334927Z","last_seen":"2026-04-23T17:55:40.636265Z","times_seen":694,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-vendor.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"3b341e35b39f6195793ecaf5db7c1d63\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d261f2bba32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82913,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65472)","md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-04-23T17:39:21.185574Z","times_seen":50981,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BiQikUyv.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-BiQikUyv.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/WagmiConf-D709ykut.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253080; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=aOG3rayzBCx4siD4.zwAoIg8i7wS.nMbUeVHetYeids-1776950253.1486301-1.0.1.1-34C1yijCRPbfRJ6VyIe78KGlN2SzCTLy8erYHZKMfpU78WP5ABxX6MdxUsCowxyz_tx5eLnhIvw5z8ZgGrGjgFPPgfSmrWrJsjm2pj3lQL2jYnpjo2RWGm5Tvj788MIy; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ro%2F489HYHF9CdF5yBr8mTokEC8uCvXW9g4D7FUZqWRb7X%2FHOTrveDPmKzwU%2F3FZsA%2BS0flKqQOFD372NKkf2d%2FAovWxV2o0A75HxzxUNOoPBIQOJiGn9ewjOZBemLKoYGWwSLQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2629ed3b56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"deb2bc343aa9a8d846a7425f8c723fdc","sha1":"fa5405df41e25a937a2df828f36e23a4be4cec0a","sha256":"f59f3c1f99a2af0128f4abb905678beb0dc8ef050bf11842a92ab7b6c55af7d6","sha512":"9f325203abd96b66d92c6d748fcd9e1d0e89acc9c31b0486543c3fe5a4d62eb4c3e7b11e4ded953357f1c8d85f9c9c3803cf15a4c142923442293b470fb12f2c","ssdeep":"384:pMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJW:pMci408FFnJrIjE3D/OY2E0xqpc1NKkD","tlshash":"0d820ad0e2b4f7a642e86add80392074f2258c28343dd0f1b6b6ede970664cac56dd37","first_seen":"2026-04-21T12:24:48.908249Z","last_seen":"2026-04-23T13:21:42.179333Z","times_seen":4,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/partners/751/seo/page?platform=1\u0026country=NO","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/seo/page?platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\ncontent-length: 2659\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=cb2Sp0vQLUhUv3tfLfFCi6mCbgN_TCPZ9nBFyHXMKgM-1776950253.8742266-1.0.1.1-6hvvTrbdQbjtMsySxLNpCAjx.5s_Z2H1.jmbaDq2X3u_82F8SsksxID527pJzaFj8leV5HlS1VmnrEMNs8tnpe.EezsY1yGt1dRWsiamgm7T0AQMgnvC7MKo8gvcae0X; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E71%2FSYSRLjaM6trnHmBpDZcz3HP8aKDhVp4gH4yr%2BggBa7ZH2b3tIy%2BvRBEchLbaH9bYFk4NJcvmiLWR4%2BBtK5zWueFgJmONS5MBeJO%2Bh1PrpYv%2Bi%2BcvVuP1CaL2%2Ff25qnrxdEp%2BsuvO\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\ncf-ray: 9f0d262d6fb356b1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":7671,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0c3cb355e0745f8d403e214af1595e2e","sha1":"ed786d0ae61ad6adce28150c04a932c4e9bcd6da","sha256":"2b7c48aafa192476fcb639519893f40c28c1de98bd5e66b84769edc55b047be2","sha512":"1c1840626aba24469d43e66cef0893e9627c25afee6ab6a955e6cebf21946e2cf3514c9587cae3c5815a3b7b5ceabdb18cde0fc4b6d5cc52e798e14c7c456b62","ssdeep":"96:E2K/6TXWpoS1kKXplSunUVtRQl8bqOHEyj7fuSE3Ytvkeu5Jbrt:E1yTXENDplfnUtQyDjJE3ovy7bJ","tlshash":"76f10f0e37962d9f038a5fca29564d3c4fd55386fe41a91c8d63ce1e2bcd278d22ae01","first_seen":"2025-12-24T22:39:16.082152Z","last_seen":"2026-04-23T13:40:25.973799Z","times_seen":49,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BiQikUyv.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-BiQikUyv.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=ZB12dQS_0iAZeEFXpNvBgHphrodjc3cuMNVqFV25Ld8-1776950252.814653-1.0.1.1-cioxT7i_Ro.Nii72wdIFyghW_GKDsuX1JOJV1Pee_iLvnINrTDmpJMjauzvvmAANnHz8QFWIlUbz4GJ3OtX0IDDe7BbveoJwjEwl4wIWEWxgGtP9TsJUGhH1RwW06dkR; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D7xHxc%2FLzr0eI9ygCisOALboKsGpxw163iXgyFielB8vDyEQvCIuPPhp8fkeYydFPQQJZvLLzTUuOczxonxYqHl%2FjEjhFCFdWiXWbiRVOvsSkSm0tytbk3hi60BFdYHFsEailQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2626e9c656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"deb2bc343aa9a8d846a7425f8c723fdc","sha1":"fa5405df41e25a937a2df828f36e23a4be4cec0a","sha256":"f59f3c1f99a2af0128f4abb905678beb0dc8ef050bf11842a92ab7b6c55af7d6","sha512":"9f325203abd96b66d92c6d748fcd9e1d0e89acc9c31b0486543c3fe5a4d62eb4c3e7b11e4ded953357f1c8d85f9c9c3803cf15a4c142923442293b470fb12f2c","ssdeep":"384:pMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJW:pMci408FFnJrIjE3D/OY2E0xqpc1NKkD","tlshash":"0d820ad0e2b4f7a642e86add80392074f2258c28343dd0f1b6b6ede970664cac56dd37","first_seen":"2026-04-21T12:24:48.908249Z","last_seen":"2026-04-23T13:21:42.179333Z","times_seen":4,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameSuggestedEventsWidget.DT3sdmgt.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget.DT3sdmgt.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=tnn.i9pF49CI21cs.lF00IvthsGxTU47WxUHYlqeZqg-1776950253.7814305-1.0.1.1-QtnsSGoHuKZ.1Qe_Tw92MMnb9gQ9JWprzPq3L0.r0sSCNQc43zdUZ3FuZECwh8jQTYuAs4g23E43d4JHrNChW12mSRJNIPRyIQ02QUop1utJep9u3zh2qtP.VpcaKFWf; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aAJPSQ%2Bky28mLfj%2BI%2B0hLQCxzJo13RkdPYF8Y38pdoPZIBnB7YipTxgOr135DzkuL%2B97pGGt4uCYyvXkgnOSHJPREvn46u5%2BKPmetJje%2FyoP7iur5n87mpDEy%2F%2Bqk1vrPKy0nw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262cd8d556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":514,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (513)","md5":"b01b938288fcf859a4a5ed01850187db","sha1":"9475b503164c6567f33db7a53919d8dcdb135fc8","sha256":"a4281a5b8b36d566538c2ce2426521cd8cbdc4e125163389344f051ce2d37a59","sha512":"311f141bf66b3227454c52f662427907081bb8b403f4e5ef33a75e1da919f589c5e95b329790dbb87148a16dafb44e5e460a3b33cf1482d0ed89914dad93b5ab","ssdeep":"","tlshash":"ccf02b218e21ac3564ac03ad2a77001a5710e195bc1039f82fa1bf058a047e50cd82cf","first_seen":"2026-04-03T20:51:16.025411Z","last_seen":"2026-04-23T13:40:26.057642Z","times_seen":18,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/ExpressOfTheDay.BAhUD-ZS.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/ExpressOfTheDay.BAhUD-ZS.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=nrd7fKzI9nj4YOEqSos2Y6g5L.u8_ba4uUchrnHnun0-1776950254.1417787-1.0.1.1-Rn2fOAtuAk2t9hXZ6dzcTqgjbARismgk8_9I9Yv7EU6Eeo00WVghGjy1TWW7Cz8d_A6sRP1gX2kgT5.vtt2mrG3cGxw0q9maAvsk7pQmYS5qAl_7nLCzAd4zl.7Ipmg3; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oV9rA2CyKztqX%2BWYkjRoiUKWvNMoqamI0fxzUDZMG3W5JEYwSCp8C7W6h624xIbJcZS51cuMxtimnzjgsCtAB%2Bx8CxXeKviYUR7G6F9W7a9PAigwI3284L2Wh35WdUT10mLyvw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c1556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":9580,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9579)","md5":"087628fffe1a351e096b05c35725bc68","sha1":"607c5359239805a3af6e4b4fb84a0e7a114b89d8","sha256":"25ec060d1f4cb4068260cb4755ee3470f9944fa93190d2270835098cfd78635f","sha512":"5e5c66f27d94845ecc92df8b63d055a21ce29722f338ffba51896c97c2ca837f714941f802ad293dcf4c6d000d8960f9b7a1911ce01f1765016612f04f89137e","ssdeep":"96:IcAXFD6FgOx6Djjr+f5mdASqRd5Rr2+3xcFl3jRasjeS8O09YUGx5m:IcGFD6FgOYj+zRdHrb+GFBlYUGG","tlshash":"3c121d37760e203fb63f8a2fb290478f6018501aca52164aef5c22fac7c79d19d657d8","first_seen":"2026-04-21T12:24:49.091774Z","last_seen":"2026-04-23T13:21:42.186035Z","times_seen":4,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Notifications-w2cxzdeU.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Notifications-w2cxzdeU.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=4NJn7iakaaTpb1O8obLG30w73vHapI_HnHc3wQivvkU-1776950254.2744942-1.0.1.1-HKEtXD282T429ay_.nlCdJmJsKvraG393fNirtT19Ev0lPmZJ4aa9Mtn_hBPNneV_rjrwdjQ7aT3YCGPdLyhaMjNBr1SronSw6m1j7B3rtRmD6hoi_oGc6r0RKvfBd7b; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FLc6PxL2fw792x7tOhGCnYsGlxeOuVk%2B3KzMeDQ1VRqxJcXJJialScb6Jdc7iWYaiwWmnxtbxN5ychhDhBfGhGEbmboYf%2F%2Fwcg01vvYgIBZjG4KQmIrDBxzacmd1WY4wF5PH5w%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd0656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1112,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1111)","md5":"1daf003af42fec8d9b9896dcc6f6d3ce","sha1":"d4b08dd14ef567f8d8aaefa2416515655f18fd33","sha256":"327a7a6d6a1d59e3cc8e1687f32e8152027ea7b7a71f9c000a978e673ad988af","sha512":"fdfecf058159d80e76a6018f3172ddd0c46c47519a1163c01973e969d2c4ccc962ee1a68c6c0921150910f3b7a098f02e02f1314b53315e69b16cb9ecdc29dd9","ssdeep":"","tlshash":"652163df6082dafc292148f6432b2a32703708587939481602fb1d2036acb0ad65fe8d","first_seen":"2026-04-21T12:24:48.92823Z","last_seen":"2026-04-23T13:21:42.172413Z","times_seen":4,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListItem-DPOBSFUA.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListItem-DPOBSFUA.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=i80tulWDgkhEH5sQhXITFl0y.W3U6rousAJStGvYC7U-1776950254.48822-1.0.1.1-pDJBJoEaoopjdKQ5uw_fvt2yzl339jTQAPev4Kg3d.pNe00CkcuzIR9bVuNm68lc.WqM_c3MfvIaqCtDC2nAgw.OH3b9bdM9GwIGqY9hJjijMfT4FkuxuKnNaqBZ2zCx; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4e1B1AY7rd1Xa8jsxut2LJzhWvS%2FeeVkfT6HGOf0V%2FnXGBZRbkt%2BxG6LW3X53cl%2FfzGWnknON2dA6Sk6LYvJTOHRqFGjdK7HZs1l6zXabAeKhGlOIb4A5ZIWK8lst5Lgz80C6Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd1556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (4659)","md5":"c4b5a33034c11189d13a58c3b2a71535","sha1":"925b05f37c74a4ea1f10ca78f28a492d8a508316","sha256":"f24fe06384d2908838e215020b324be57569e56d317e0cb799f4ca6fea3bb8b3","sha512":"56d3b2b94a6f87191af553b91d5f4d9ebc79d4f4cf03719d2f00d3ba0bb45160f180669a9e3d0b758b191efa1ae09f8560b6b9e8b96cd07b9fe3c3d1546f7379","ssdeep":"96:6yzRl44W0nOtWyDHDjl2rfLE5jYhpzHXzoodwd:BzDfI9d2T7X5q","tlshash":"efa1a546d024b738f83bddff75a69a18b4310add87964be2e25d17290242290737afc7","first_seen":"2026-04-21T12:24:49.05959Z","last_seen":"2026-04-23T13:21:42.200893Z","times_seen":4,"resource_available":true,"data":null}},"time_used":456,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":456,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/useNotificationsProvider-CDjHBCPZ.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/useNotificationsProvider-CDjHBCPZ.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HBoEtimJEje%2BbXvm3GcDzO1JYxqoZU0iukXEHHSKIV0WJgEavi15o55NyZtSE8ELGsEJysVj2k%2F6aPsN%2BcdR%2Bf6MNKOKp5IMObc5Fka9k4FEZ4dd59W2K2hJmUDrU%2FntP5eTSnw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634db9656b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets.json?v=1776950100000","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets.json?v=1776950100000 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=ZXkNGG4MHcxVV6h7ngFxdz1jLFomlisasT5cB0V0B3M-1776950251.5332537-1.0.1.1-gJqVxTfFAPtwp.C.UDQMYVYFzAiHkfy0TIWjAM2OD8mIr9BghZ1SEGPrrsuq7vEqAm8D6imi9eROW9z7U3NH1y7yKweqA._73riK6d.wVbs332GC3U0DpkVCk7ZpP8T8; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xuQLAeDEZRwFXVJ6UbTKkVFATrP8rgi%2FHcMwaUEuSFBcz%2BdLLesKd8qruhzk7z7quuizcXjj%2BLEaKMgduHmb8XGG4FyBIKyEIbernhFxkWsblO60Fygx5%2F0DvlGhaArJHiTBgw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d261effff56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4ee89984d6fb4aad941e7cf6cc639d8b","sha1":"acba0d60920c61a2499c425d0fa8d6fcd06b53e1","sha256":"adc12bf71cfc37b9889de5d878c36ef74224dd986fcbec05656adb2d12016e22","sha512":"998b96b1f3fd723a177521a6a54616931aa2e0fce8dc23940f0fa573b14a711d210dc1dccc67e69db74abd89413badacfb21edfc081f3fbcb642c1a20ca98b9e","ssdeep":"","tlshash":"95b092885a6dc80033c0e08822856b04f304f1ce8ea7025e201701a88af0b268ae080e","first_seen":"2026-03-21T17:26:39.627607Z","last_seen":"2026-04-23T13:40:26.069174Z","times_seen":26,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/WagmiConf-D709ykut.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/WagmiConf-D709ykut.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950252580; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:43 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2329\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=k_6BzR29y4tAnIkP3eh0.6HX16oZNGSnXlC8s1RgON8-1776950253.0101473-1.0.1.1-HQ6G5o_EOXOLI1_Bfj9xB5ueT2pAX_t3MR3NGRY0Urj6cepSfdDUcWTqy8CXC1bGSp7PSQNZgDxBcfIrzieGJP47C114xjM0omT2HAtnKdBDmKW3VQ.kFyq_t7.UFPXg; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wm6tBL5XeHKGDRIfO9oeZUJZ%2F9hQhc1lUF5%2FGNmRKFkPYxv8EcDI8HnfaaH6YwmgRgWQCkdzdseEM7FBPRocq9znByQC3uwZPLnLBDrYmXG7Wpqgef2pM8lk8TONHedbHOjLMA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2626e9c956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":100979,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48215)","md5":"2bc1cff1b4a88fcb7d6d511ae355aa96","sha1":"563de1fda53d30945b4e8745cb90e639ec4ee8e4","sha256":"4eff938056fa9f0de8c26d57aa0ab88a57c0855dcaf7c7369a0ff21a2e960fc6","sha512":"357be7810700745a6117be7eaa66f2439f05e435cefd3c7bb812a17f40816a600494b4f8dafa95ea9a844a6b2729d6f29bf2c035878ac6f0079801a690259df1","ssdeep":"1536:o2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPfAV:ZCaSlx5xG7NU+WEy1bP4v1K/XGd","tlshash":"39a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-04-21T12:24:49.089926Z","last_seen":"2026-04-23T13:21:42.232076Z","times_seen":4,"resource_available":true,"data":null}},"time_used":452,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":452,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipPossibleWinInfo-BODkpSVE.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipPossibleWinInfo-BODkpSVE.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eDghS2Gz96GB9dgLPgnygBUT4QMWtFJucz8xQXY8kCEvh%2B%2F0EUrU7ZW3X0BgsGkeHTgSK4WImaWYFd9d1lPDfIfvr6pMNr6MQqmQW8%2B4aR9L52KX5hZCZTSGG%2FsAy%2BFTp1iE1%2FQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634dba656b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/favicon.ico?version=1776758850673","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /favicon.ico?version=1776758850673 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950255713; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: W/\"69e7308d-1b67\"\r\nexpires: Thu, 23 Apr 2026 13:42:21 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2114\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=3rSqRpi8sR9VbBvzTGMIbd0_qVtTgv7knJro7F_jKYQ-1776950255.869355-1.0.1.1-aDk1RmZb9qrCLXJmTnM4wfcYH6.BVg91W9bXiLIYmhcD1zDeFzp0BWIIDSAcD5NbqPLl.KtzJi6Ru6rSA5TwXMY5IE.BZOwGCwnGegNsOZIb8AM5FFcSW4oIOY0CM7Z4; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3b4v93PvS058pR7D8KLXkG2xyO8hGHofh41Df6jzmxqu5IYojr6cVX8unYwoeJ0GSj7Qo3%2FSJKxp03Ln%2BnyJhjBPRDLiaOBOhq16NNR6hnPKjzq8kC%2FkAsdL14isF1MVTDsvKA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=6,i=?0\r\ncf-ray: 9f0d263acb4456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7015,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"96a66de67adef28337580739eab71404","sha1":"2b93f9d9f5ccb809e454e812f9dfa7ce9ab02b0a","sha256":"1b029ff1969f7f867742ed30370ab8f76f58f3a00c102b51740cee61a5bae6ca","sha512":"efd763159644683e2aedb05be3a541cc4792938d3755e0b0a1e8850c6240e04c3ce03e465ac5160ebea03b7ba0e9a948bff584fb163ab1db1677453bcb13a7fc","ssdeep":"192:AA9risdBVS6QwidYsQ6ujzwAzxyKjuDqc:AA9pORYsKIAz0KjYqc","tlshash":"40e19fc31979540617e9f2df05c4386ab74ca88793a2a4f927b931343ff19cda613229","first_seen":"2025-12-24T22:39:15.963833Z","last_seen":"2026-04-23T13:40:26.075572Z","times_seen":74,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/payments.json?v=04/21/2026-12:07","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /payments.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=mdEE_rBIdD_qCVDztgf1Y.Zrw54kYFlWH6A53cboMRc-1776950251.7419207-1.0.1.1-bxsv_9dVeu0K2ZGbGqfgOYdUF2NLQYY7fRXVNRw0yRysP633n_wFZ1EQ2zAVLqAcBRC0fcncasYUh4kwpT8Bmvh.SO5jait0Z6hUK3tSHkzoaGVlyvyIUie0KMUhVIvw; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0gR55G7ZWgoxtQVm7wKNgLKSPFq13hHg2J53rHlfOtzVffNgQe%2FdQuxqUj9xRbpm7yq86zXpD9KoriPfnaMWeLW80z%2FSPd4wCWiVhUOzv3elNJAXKglOLLRj1j1Hm6N%2FIJZL%2Fw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d26212ad056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":96235,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3ddd30afc164bb68545c14549c99e060","sha1":"81715dc8995950495ced9576c0003e78f7cded45","sha256":"a09207f3037c9ee0c360776c721f6d3dfd6cc5f1ba39dd0c8fea3e8285b9bfff","sha512":"37494dd24a88619d62442a12f7d0edf4fa7af73f467bf205c4cee2a778c84839a222e6fe41e278cac8650f05fc02aaaddf4bb34996d2adf86a98763e8fa5abfa","ssdeep":"384:SuQirsZJGtBM29V/6QhiEL9ztQX3tS7cf7t5tJirHIxiqaUiox4n7qbaci8Y6unV:zrp6zELrtfNsP/R6b","tlshash":"0f93f1a4d8690ce7198572e468bf9207766046478e2dbd4eb75cc82d0fdec0fadb426c","first_seen":"2026-04-23T13:18:15.351757Z","last_seen":"2026-04-23T13:40:26.094478Z","times_seen":3,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Odometer.Dtmtuu8d.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Odometer.Dtmtuu8d.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=3e938o5biIlH3wkY5sdEgWMNAj4R_Jl7ktPtkZxObDQ-1776950254.0532622-1.0.1.1-6tQK.07BlKBq0XKQCIXn._2EgrEtXevcos0bHpKKhnzdJZk50hypNyQHRueNVgM5cNZUBTeJfbqbX3htOdC3m_vOXRXRA6CUuVANTERyugv8yj0teL04Z0pHgLXsgl4y; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D3B4kUFIPZKdrTstx3rDl26P1Ltk79Jd7ant7woiA7%2BNBMgJZo5BWxC6CWplnmMb6o39aFIxL0YkFpVnO%2F6sBBQKqjFrT%2FAHEuuK%2BIVj35M%2FzfqFnvvnSSj0PUvavoA1jF5MRA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262eab4756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":2758,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2757)","md5":"e60bd0b6b84d162ff84ef731b11ed036","sha1":"09af532026627df2629f1a98a049ee8c50194631","sha256":"8d2a9d2617a60055e91c6b16f4cabd14851836edec7bf90fc8760e1d31a39df3","sha512":"a85638b5f89d49c50da5f9dc0cfaceec033c45f524a51bbf266fe9cf67f9ce63ef157745964b9ab7c1811f8e2f2d2c5d6348efebe6818d6fa5beb8291e36c725","ssdeep":"","tlshash":"2451e1154f910364633a7906b5c81b51bfece5415223c58e7329a447cf83db9e398e1b","first_seen":"2025-05-18T15:21:59.195484Z","last_seen":"2026-04-23T13:40:26.003912Z","times_seen":193,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SystemBetCalculatorContainer-DtyOsLF2.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-DtyOsLF2.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=0kEVwVkW5QvDBkZj1ApaFr2I..vYx4WLVEBcNxdXCHU-1776950253.926486-1.0.1.1-6Urw0NxUxkFoW2Wo5fqKYddC1wj95CAGlvnCfkUh3T2MJNbFGAPjs_Ewt7kEy6JAHvvO5IULTIQaIaUa37bAKhpvQzpXemMFy.ltbqFA74lwTLEErgdYY5YpI_BG4QyA; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O6KjqopvqU%2FjFCpFe7IgVyb9XDps7Mp1c7Gg715b7a%2BR%2B8sYAEZD%2BcUVZP9y%2BXXv%2FVZpd4ktutL70dJIB3hSPWTEIVhAeojri8SfML3ET4Mub96eOM1siVu1OYfMJI4SOTJUSQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dea5e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":968,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (548)","md5":"ee02509bc8771a663f7b3ccab6d13c33","sha1":"0fdde3e73867ec0f9289a463a5e0884d6d9731d3","sha256":"8ce1bd8828cd63aa0fc068abfd854b9c11a3c2938f9285a3dfcc823f932900c7","sha512":"b81178082f60d68ecc5565dc1bcd32a011086f33e2e50403c0cc7a71f8c5a81d6c912be2c3543b0e0b5d525c633cee39faea29f246b850f93971d36b91c0756f","ssdeep":"","tlshash":"b111bd575368de74859e0eb24989a4640df5430a5a0cfa28b9b54c3cf12949243efffb","first_seen":"2026-04-21T12:24:48.901741Z","last_seen":"2026-04-23T13:21:42.221848Z","times_seen":4,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-runtime.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"0c199dd28c0210b90a43b358644fe9f6\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d261f3be932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2306,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2306), with no line terminators","md5":"0c199dd28c0210b90a43b358644fe9f6","sha1":"54dd8bc2265fb1a30b18deed37b2041318ff6b92","sha256":"66ace4797cb7c73a99420a2763471f4bd182cab38f0ca27635c7fc5000a03188","sha512":"6b9dc20d585dcccff465f66b76f465bb7dc5547943b1676070c3f22b0e38fc6925b2c826876a22964b0b7ae16045d7a3d3b891a5b6c5f708f1c2485dacd82279","ssdeep":"","tlshash":"374195d936e4f9b6834318e1043fa016b6353976497be8c0531dd8f5bc79c45811afb6","first_seen":"2026-04-21T04:02:24.302032Z","last_seen":"2026-04-23T17:55:40.665392Z","times_seen":772,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Tooltip-BxyEk8_4.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Tooltip-BxyEk8_4.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Z6zLUYscP2.Q6pySgSuGsjnptdnKNaLdR6OmktTLE7I-1776950254.0808794-1.0.1.1-SFvweT.Nfw2vtrSEQlC0fsVG8F55h1T5OJ5LCMIjrJR2huvTq.bEGstWZEdsSMez8f_H6CgaDieuLETPTaeHiM3wZPUveIfGYJ3Ah7iedUGauJqPN_nE7j5e5cai61af; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bDGSqdTxF7sis5ERsFpCAUvnwah31KJ7OV8DhDFSrN%2BXHLdzhGZxkJVmpEyXt7yj02SZnO83a181OipNoeBRiMJ9zql5A4IjWihBZRkynv8ctKy73XQqJh09BKUGhKVIML5HKQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fbca556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":819,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (818)","md5":"1bc8d21796179e001b4a17878a32af96","sha1":"09ad98308811505e38b2708695aa4637a517b411","sha256":"abce98c3d30f7ae4c36377777ebc8f059710382987c75131d66ee1b1f6e69428","sha512":"a8edddb8ed281a34f1b29f3d4f75e6252f85f350f26c5888d420b7e86b3a9dd54b6ac77afd8884e9b6334bd49bb7758fe0af8131e4d3c90b5ffc8e6f6b37f487","ssdeep":"","tlshash":"a001ce46e022fbf8e276549a142d866d72632a6c7e2f59f16038018e0aa4984d317b8a","first_seen":"2026-04-21T12:24:48.930431Z","last_seen":"2026-04-23T13:21:42.211627Z","times_seen":4,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\ncontent-length: 668\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=6D9l43qJnF1RfvUsM0htPDV_OPdxyB3KGq.TrYHucqc-1776950254.429995-1.0.1.1-IJ0MZpfStZzr4u7KWGM6dLNpYlfog.NU2MJsrqH6U_QSehP.MWH0pxMQleYWCS_D3lna9k.Ffx9Epq.K0IFFCvnWOTby32uZt6Sh42doyU1cr2kcz6E7slgF3cn5f5iC; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gzRX21xaG1aYsYftweCQ1ldqde5DgBVcOnVqsjm%2FXAUQboceJ37klJB9CWFTORhlPt4N2MY3y3tnp3goO88dXztQ9l7fC97s9uCSmKatweiszNjSkDLNdlX4e6AyoarrSarwHvEyvGal\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631bf1156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2178,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"80e36b13f42bc25d4d6d155cbdeef0eb","sha1":"412b570458bbe7b0cb9dbe39a3ec05c4ffed0583","sha256":"7ac2b940c65a1babbceb939b03ab3c75cbee36ba441648deb3335d68021b4944","sha512":"3a8990ca492f72f9669d66b4838944c03c0056682521dc4e39b14a7fb476c9af26ab1e42be56f3d30d994ab25220750d5033aaa71236d6728b12edb6d01b79e1","ssdeep":"","tlshash":"9641bb13b42c9cba5b543b40a0d3394ad9ad5847ec0f9570cd498f8d92ea62ec6d33d7","first_seen":"2026-04-21T12:24:49.032925Z","last_seen":"2026-04-23T13:21:42.092482Z","times_seen":4,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DisabledMarketEvent-D3Rzd1b4.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-D3Rzd1b4.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EwA8drEafFd3csERnoTzCkHlGW53JZEr1EcESzSFIltj4%2F95zPwl56ELVgDi02G76dpGN3HPh1t4zfJEv8KOr8DSSctvgcr%2Fz8U1AQ3z%2BB6p%2BMmQiCE4mdllie9%2BRpAvICcz6JU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634bb7656b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/expressOfTheDay-DphuSM7z.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/expressOfTheDay-DphuSM7z.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hwdtwjqmEqBBQnZN3CHbbrJCPjjgo0dupEMx6hXQhayyoEDOzks%2FmkBC1sq0wyLuifLku8s%2FPP53B7jDjBy1BiwUQLQEH6%2BANl8ROD6c1wt348vdG9D%2BSUW7sL2CVQB5N4ovsPA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634dba356b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/languages/en_dev.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/languages/en_dev.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/json\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"73eea1de9215521cb137b51419ba55a9\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d26238ab55685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10839,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"73eea1de9215521cb137b51419ba55a9","sha1":"a8876b573146cd5450adc92a5450febea8d33f22","sha256":"df1d970dbd95be40780e8c006102fa7892bfe26bc989ee0c9222b089038542ee","sha512":"277849fa8a9d59430663b5c1aac29a198436731ab59bc5968ed9fcfb839f00a31e6e278c3c78547f6e1c20d94847963375de011be6493af268a7bac25cd15257","ssdeep":"192:ImwHq/LrnzPLEgIE1iN+xiDgGOy+HpVHnKWyay8V1K5Av+cE:s6LrnzCE1iN+xkDOy+Hp8/5Avy","tlshash":"c7224269ce504ea702c29647399f35437624429b1f54382eb78891ac0f8ec6f71f779e","first_seen":"2026-02-18T09:54:55.751197Z","last_seen":"2026-04-23T17:21:01.267288Z","times_seen":13502,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GoogleTagManagerTracking-CdCbiusO.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-CdCbiusO.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=BrQZxIIOapqa2lz3.fdUrFUksio3m4Adem_VlOZbeSQ-1776950253.9339547-1.0.1.1-Ms296iqTLA5urP7p7CUAUN0abhhTfYhXv_E2EZKvtQawMivL9w6iQrTfE32pfq5byT1eimIBEM_0xcUqRy87TFbJLoiyzwK3CrVAslR8FBXyYoMrwwuCcADkj0nxXWYq; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9RUDxnECGC%2Fp%2Bx01%2BhPAxXdhckabeMLoDkU0har8R6RsA%2B3MTMcN5ZUtWVTjfok5aX6y%2BW2ae8dUSNCOpZzFHWxGtyHBhnz9sVJGiacBIl7JNGKH36sBxnMkvuV3MSomJixOSQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262e0a8056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":21773,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (20471)","md5":"5d9e93426ec57249fd88745e9754c532","sha1":"529a3ec4a06dca386a2993fef6d4cebac1491cb7","sha256":"9e37d98b3fb5dc90d44ad81bb553aca186d59be34d2517a3991be1595feafcee","sha512":"14b18f8a2e347b10614046f90e1b5b3c8c76c4f2faabbd918ec2c2ff7ac7a177776ada8f413921475991ddee5179b971df31b6aade5a4d3d2f2374fdbea1e53e","ssdeep":"384:wbiHYqBlsFPDVPoZVe5mze5IiWVyoxJUJF+FOndK3pqyuQNJg1F0TQOmJNwizwTr:oi4yKtoZVeo66iWVyov8MFOndKqyuQN3","tlshash":"12a2bac7f9a548a0b5bd1fe81fc2528635b1b69af49144707c9e7c0c223cc4ef2b5a69","first_seen":"2026-04-23T13:18:15.323347Z","last_seen":"2026-04-23T13:21:42.153679Z","times_seen":2,"resource_available":true,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /loader/fasttrack-crm.js HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 14 Apr 2026 15:08:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 6O.0HUoXLOwOEnwCtcVk0GNsJ3GjijfF\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SKklgsgI%2FFWN44JMuaGXArLd6nL0PPr2zxbU42rDiHKNWZufLAzmWXx5%2F%2FriZ%2FoSH7qX9AJUgbsjTDvd4NHMV3Ui6pAi8ZQ9NAMOryS3nZu3BC%2FQ8RN48E6BZLaPL6VvWC7t77uCF9aBQKVgJgOAjRQ%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8c3a87d110aff35fe17513b9a9ad30cc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: E0oOj1-Y1VstTbOi0EsF18r4Dkaq8BUmy7PqNqXA_qRgCwZIJE8HEA==\r\nage: 195\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"0a3e94e19b384b80fd4132b3735bfc8f\"\r\ncontent-encoding: br\r\ncf-ray: 9f0d26353a83723c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":6791,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"0a3e94e19b384b80fd4132b3735bfc8f","sha1":"ec1475a09eda97a5622d7c5bc2d650c86314eb2b","sha256":"5c5fdf18e27f2ac8aa2ffbef0573c2280601802831df99d50ad86c51b57ef402","sha512":"84eefe0c0c2ac4755fbda71d622b0ee74447b5c1ffd35e740c1710d27b110167b2692ded7c311d5b8bef5360d24ad5f03382580eede0d9b6a58ef239b71fff2f","ssdeep":"192:/XKuPlMK5EbbbCWuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8n1xDt4atx5Ye4ymr//A","tlshash":"9ee10e5c39f394610a93351f033be115f3b6e533221eec41b9dc8968af54667caa7d88","first_seen":"2026-04-17T00:47:10.117791Z","last_seen":"2026-04-23T13:40:25.954125Z","times_seen":16,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":24,"dns":22,"connect":3,"send":0,"wait":14,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/anjou-js-proxy?seal=02503637-3458-4264-a556-a663e82c28cb\u0026domain=m.gallabet1075.com\u0026t=1776950255182","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://galabet.winwingames.io/","date":"2026-04-23T13:17:35.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /anjou-js-proxy?seal=02503637-3458-4264-a556-a663e82c28cb\u0026domain=m.gallabet1075.com\u0026t=1776950255182 HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k6vlqlXhxKkuP7C8vTyU3V32ZvnsavqccTBysxy4%2FSXMNJKIRi1CwFiOENaewfwrugxq6RhN6%2BK%2FjCOMTPG%2BJIqzEn3o31D8A4oNTeevDlT0%2FNW%2B27Es4kaqJ5DsC6EZJeE30zEYufC8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f0d2636f9cfdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2929,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2929), with no line terminators","md5":"007c145028306eabb4a2555a0a82c1fa","sha1":"8bdfff8161632ad451ff7240a5f33570f00dc09c","sha256":"cf8aeb24cdb79c796c17f32df387a0c5bd67eb77f7cae228529b434105c2e1a2","sha512":"ab45a927a69b94ff8caa3fb8297c157cdf7c94b5929011cf682b76db8f60d3d1ad66d2eaff9ea1b4d36837a21400250f538ba8bb0f0a534ed798a0da1cdd3d22","ssdeep":"","tlshash":"5d5188ca7ee441e933bbf5ab696b20ecd23b64c737d14899773444a07b00e34ea96135","first_seen":"2026-04-23T13:18:15.355847Z","last_seen":"2026-04-23T13:21:42.210368Z","times_seen":2,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipButton-kdf82NBZ.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipButton-kdf82NBZ.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=gvUXR6CdiPBmmuPznbAsEkAKyB9d_AlX0cKI_UJ8B4k-1776950253.79485-1.0.1.1-VlGUDguXE_TnHNlRPaUq3Pk91olRdSzPyo9kxI.s3EVx3mOUIkbWBbsLoz9UvYPfsl4G9wqfZv10.Zd0dG4dJQhZ.1ILZRyrzYDOmvr06iHz010mD109iC_8J.aXlGTc; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99r8qF06r1kPYL%2Bsy9IjaxqK4bqrpdQaRzJzWx87gGnd6IyRCa1a0e%2BCjZkbH08YnuIl5LQc9PXDfSoVswsZ7uObuQf7UPnhDlPU5K9TCrVm0q3lhaPSbj3pbjVtCyeew8M7lw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dba1856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"4b8d21182d8c4b955630a1c97c1378bd","sha1":"7e8954c2467d6ea9892e1b4af8d48791da08b9c4","sha256":"53476b4d35bfdf0b19098ca1197216bfe0a8ff916b22208bcfb475f4e713657e","sha512":"cf38dba2382349c9bd2aae9cda8ede2399b559f3284ec65b4822cfe7613e4fc89803312e1fb079212afa7d617dfe9ae57ade0e750348e3edeaf3ae1e3a89c35e","ssdeep":"","tlshash":"68e0ab87c508c2fa07421d92200bc121382755bca340f98180ad28613b34999845ee2f","first_seen":"2026-04-21T12:24:48.880755Z","last_seen":"2026-04-23T13:21:42.113809Z","times_seen":4,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/jackpot-jNbP6Duk.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=6Gs1ejO6tZnWO_pSJWhQdI4HOfiZg9OYLzcv2llj9sg-1776950254.191511-1.0.1.1-KKSrDggjbT7NTQ2gmoVs4k4Mrc4kTJuX7swt12ri.Y4btefGGNUQXu24UR6tAcgmD1qDyCXyMh0gCkGfzJPEvl6Ux6D3B9mP8WFc04_xZK28Ax449tq_aastHx5Ft23D; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0JrppIyF5Bq8ro3Yt8GNAR%2FZJ5U35HdUx8iCtpMo6eo9vhcp1bwBJRGYSiOorrosiWO%2BU8MH0Zs%2BmbQdwu1JX1raevVGNMS4l03nr7%2BWvtmpJh%2F7cc1YeXbnmu9eng3Vtj5zvQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262f8c6956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (375)","md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-04-23T13:40:25.968605Z","times_seen":47,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/getLiveGameAdditionalInfo-Bn5y1a93.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-Bn5y1a93.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=r5G3gCdTB.cID9ixCQxSfx2y.ZvKfxKQ2AxwK7tZLMg-1776950254.8944092-1.0.1.1-g1G4RWA5jxbZvPVJTEY9IgKjvrAPZ5vnla1Ovc61xfpS42Si1bRT7GsH0WSOa02MU54Zku1BJ5p5hY3pLv_yfj6jJJ6ghEwgG4a49sqEcWuKUzCjdAtsxRmL5eZ1Bxg_; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vei%2F%2B%2FHH%2BykwkrIDsLn%2BJYWExcJflJbKqnrgwMFalOOyXmgyLw9UXqWikr0Ka%2F8fXFKJ9mOy0ZFV%2FadxgF0eyTWiJ0onxIcroN2vj2pbYqou87hBENOxsQC1hOSDIPMc%2BU624Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb6c56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"8b743c5d72844c3db6164a2a1f684358","sha1":"e2b4e8733e2d176b5e0f2b2b3189221f475c421b","sha256":"dfa7b4b99866043001b4c7d477256cedac63f2e95dcf2308cde374d13111915f","sha512":"d78cfc2f29330f3f33bfcac2be9a20e7b9a0b56054ac138d2642499694c9a8db4595fba66f2a20cf63ffc93129110474f6c7926dcc35dc20fe332f78cee67654","ssdeep":"","tlshash":"e82114b6606e92bfb5da4d945ab01b31a2b5ba09394445ccbb3cc9091977484a7e203a","first_seen":"2026-04-21T12:24:48.897175Z","last_seen":"2026-04-23T13:21:42.164014Z","times_seen":4,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/widget-settings?propertyId=67f6eba3c3ea8019132be7be\u0026widgetId=1ioe8gtih\u0026sv=null","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /v1/widget-settings?propertyId=67f6eba3c3ea8019132be7be\u0026widgetId=1ioe8gtih\u0026sv=null HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-7glp\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: GET,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, max-age=7200, s-maxage=1800\r\netag: W/\"2-113-0\"\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 9f0d2623aab65685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2871,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5e1359a206b558eb9e7027c81c83345d","sha1":"90b03fe068ea35af971f2360280fc81f9c5dab43","sha256":"26ea49882fb44aaee9d63f14b95cdf4f740a65868ec99f0821d8003751f3478a","sha512":"105fe102940ca1d63ce50db4641b269ba67de79efc7ac48857c03228d51fe796c239fc388b33887a6d580a1f66389af46af781c46f9fa4922d961ac981778f4d","ssdeep":"","tlshash":"7d5131244a15ac7ca3cd81d371de7b23a93de022e3886d1df1a85d3993eb68d216171f","first_seen":"2026-04-23T13:18:15.358061Z","last_seen":"2026-04-23T13:40:26.099658Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1848,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":1477,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/ButtonWithAction-DSAfkmWo.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/ButtonWithAction-DSAfkmWo.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=TUtGB7CbdKjAq2cxCMeKkFNbC5ci4KlMTrUMtYcYFEw-1776950253.9161484-1.0.1.1-Foe0OIVEWaNKzUrBFYR3gEcei5kv6uSNXIYPTwoetr89ruejBRhu8trfm7kONm6CdFIffFECnmulTf3Y2edKASwj1rWCZxe0ZOZ55ia3uraMSrjB.Q9NkDhDaaa3RzQt; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7x12%2B2CphR5vC7JDkrM9WtY3xRj1JrbdeGyxSxdTPANhXA9OouW81Fv9qB5NGEbAk1gpcbLgajMyJoLMiV%2BQitYqD%2BbbKBF%2F9NEAtr3OfBe4SpDy6prFSF7RwAOSFDzdRKjeUg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dba0a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"c4f4b4cf0623482ad6e165220287590a","sha1":"b6a866f3afbabcfadee5aa2e02f3f7886ee4a8fa","sha256":"5388b7316d931812f63ee58ecf67a9fd397a30258736f961919fa686a91a8aa2","sha512":"fe0f37dbc2aeb4281152419dd6962702fa59beb4a63fed2f8efff7c35f135bc6fa706ced3318313bb55a80ae282004208043ee64720cfcb0fb2f660e3f025498","ssdeep":"","tlshash":"72d0954f5441d3f903d37db0a12fc1212a155d64e7d48941804c1450373195d805ff2f","first_seen":"2026-04-21T12:24:49.021237Z","last_seen":"2026-04-23T13:21:42.109803Z","times_seen":4,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoTopWinnersWidget-V5-R6cR2.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoTopWinnersWidget-V5-R6cR2.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=4z49K817XcUJR68gf55ACzfjUcgM8MI6zkFIn3NiOrQ-1776950254.217383-1.0.1.1-d0RSvleUeNJeUbHgx.XZoHbJWKtyS8.9iTZsM2S3QkeJeM1sHPRuJ.PQxBpWfv.LfZW.Ib8VSwkBzR5Gr3CgN2FhgeGBNKX9vhwzYIE2ALQX32mbrZLtGTjwvZkraBng; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FAWrqpU0Udwz0n42uCfXiCtHDE22RusYj1v4ECLkqo1RklBhuciAUsWQoaEl2aO%2BIJfyvJE3%2BeWeDUnXhaEtazE8ldWNnh5AHm%2BQXM3aKmpDEEvLGP%2BYlU8jzlegteXdd%2BQ9OA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fbca856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2702,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2701)","md5":"bea6b670a780fc65e39f0a0ebe6e565b","sha1":"41e427cc4127c97ed09232444fdaf0767cf32b95","sha256":"d6412710f818cd5d46a5f268811a25c01b710078086407999b40d08d5b93d3ba","sha512":"b2bbb5298ed420d48e04efb70e13a2d4e70c19673629296ac53ec5f38fb93fb75bfa9af74cc76d93457a84df84464d452c5790bdee0bc9a0b9cde984d0b2e3ce","ssdeep":"","tlshash":"49513606d0008e7cc3578dd67c654019aaa50aabd5307fe0e5bc1a118f345cdb58e7ce","first_seen":"2026-04-21T12:24:48.88207Z","last_seen":"2026-04-23T13:21:42.157792Z","times_seen":4,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-3ea2c7ce.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"52698c6dc96b5f2bd13e8f921334e398\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265ccd04b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5504,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5496), with no line terminators","md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-04-23T18:11:58.674847Z","times_seen":28972,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/pageBuilder/homepage.json?v=04/21/2026-12:07","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /pageBuilder/homepage.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:33 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=uRfR6UaYbmAHb55h7psC8QzYaa44mqSS51GQgMs_pEA-1776950253.6848934-1.0.1.1-DtuEF867mAFoQ9kenlzdEK2xmwg8cqkh8Ehp4gYO_5wnpRiMeMF8TlVQek2nG1vQ7K7k1NJtpZKCr75NFoAN0QetU54unYOnkKUJV00VaPizFwxlUK85zyKn.gTY5EQu; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T4QVEmxxfn20F%2B8Ship7tEJ%2BiApUZJPLWljH4RRneEehv5FzzgYj7%2FZ7kgs7n4KyXthjr3pcqa6gToDpwqZlkmQUp7cEtbIiqTb8Ht11R7DYIQA688OSd40Lf0WnTHEDxsCJQg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262d294a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":3356,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4cd2a54635ad9be3d812895fc7014677","sha1":"03468bdeb0c2ca9899f03ede3a039d0c9a541d13","sha256":"f73d43e247fd37d6b3aab89e1a2f0f33d4fbf58eed33fffbcc40622243117d4c","sha512":"0b1c9cbd0f9aff25596856b51c3a3f80de1736ac76bd65f475f39ac96d348f93f93546b4f9501ebe1c402806fcc5b6df091af75861ed21c414a3ee913d561113","ssdeep":"","tlshash":"ea61ce3d5800eef8b3a08a33d28227815655c879d788485c5cedda68d3fe2de1594fbb","first_seen":"2026-04-21T12:24:49.100076Z","last_seen":"2026-04-23T13:21:42.225312Z","times_seen":4,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FastTrackTracking-C80GL_Ah.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FastTrackTracking-C80GL_Ah.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Y.R_n9HmXcwPdstkUsWsjPgTxJEwJLpgLoJI2BzZ6Ik-1776950254.0260968-1.0.1.1-GVoe_tuBGnphkCPvi8LPhWNUmwmVUJPBt.GrcEaP.uArWtV4UWdp6miKV7hjhUa0.30n3RqbpHTxdvabiDtTl7.9Fm1BjAbyQGztkOFtlD.Lr5ZVXueZ5IAMk8dfpABu; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=92edMgFP8JkAFmVs0pr25xqmSE6YzGe6fNFziuCjgcKpcLpPYXQ9oCFAoneKGzG1%2Fzteehi%2Bkgdq0gJlR%2Fhn%2B6WNsF9ZHJ4KdB6%2BPOPosMvmACFahLUSdGzUQykmP5qTLuPPFQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dfa7956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1384)","md5":"44402e6c809f993a91be813f29131dc4","sha1":"0671bbefcca323b5a50859522d160175bbe76ba3","sha256":"1d295d131e759ef01fed7c13a6c9c25b30a03064b0b29952ff8f0bd1c6c5257f","sha512":"c9dee0cdde4cc36a00231a4e2e5f5719d5263ee852a5b7c14884a31fa15d1e0e2d297395c45f6cc45ed61cc3edd1c1b039f26721354694350db91356b2e84945","ssdeep":"","tlshash":"5421410f40f482f93c800e4ea2e7e2a0967e5539702dd4a3b17a0bb82b1c245d3dac93","first_seen":"2026-04-21T12:24:49.030129Z","last_seen":"2026-04-23T13:21:42.195985Z","times_seen":4,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveChatInc-xfcbsjSt.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/LiveChatInc-xfcbsjSt.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=zWSIf8G6OwQ63TwZiW_45Yt7vYJZR9UBwmxyPldNdK8-1776950254.0382419-1.0.1.1-uRgDRCSaqpYWDJry90.zqTWTY72WIqk942lq3pvW73LRoVKhatoYuKGIpWFwgeWZuLjTeAIzFBLKdCdugVVJsHAyyMtmHb3nrkH0N1pzHk0scXuVf0x1ojN.YzZPEprX; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZotuTbi13y6me5rnN760Np0WXKiU9z7xno5jZwiYo1pmYLBozeCM7kGzqmeHSIBW5q9OEAM9ZqClreUEIuiy0%2FDGCnCtOj8T6huWDKc34GjyC3vaDopUssasskIWp0F6zvK1Fg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262e0a8756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3140,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3139)","md5":"4a23a3152595007dee34bdb1ab005e38","sha1":"6f9e4dd1d3ac1c2c7a25b3dc3cffb4facc178676","sha256":"636431594cccbdcad77265ee3c2031bdc1bfae03b70859d5a69e99e01a6d07c8","sha512":"cf1e244c74669b5ec1e9f22edbf6b702f72fa5c4774dd4ff68538430d661cb332fa6ce03f8715c2443710d29bd8d443e6231f2322aa76e8ba02619b327fb1c02","ssdeep":"","tlshash":"1b51979de03874b4a37967e6323b771f32165a14a4484cb0357c4f166a0b58b8076eda","first_seen":"2026-04-23T13:18:15.362972Z","last_seen":"2026-04-23T13:21:42.203253Z","times_seen":2,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoTopWinnersWidget-V5-R6cR2.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoTopWinnersWidget-V5-R6cR2.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254443; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=RuVFx6dZNrUbDmq23vAN3VaAZORsPFeUihiEOH4wckk-1776950254.6284072-1.0.1.1-03CbheevqfPbRLPE_PG34LWSltZ_9nPU2Ba3Mc.WfXMMZMxKt8v2q6dLqblAyghZcwkowXbK.Oa6_XjEVWKmKkqaTu4JqavEzfl7bgW3JBxNlZBRoDuHm04CQ4KqBIkb; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dCnt%2FUjDCJiDUshbPluShfg3nLZH9u6tl%2FTY1WVzpoTGIPUryRbn1Tp87USYxMxk6NwvAOb%2ByNktiV3n%2FqZTEYabpLaFvYjbrdiZhP%2B7bFSNUgALjuONW4Lo7SY4YDRuTkee7A%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2633192e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2702,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2701)","md5":"bea6b670a780fc65e39f0a0ebe6e565b","sha1":"41e427cc4127c97ed09232444fdaf0767cf32b95","sha256":"d6412710f818cd5d46a5f268811a25c01b710078086407999b40d08d5b93d3ba","sha512":"b2bbb5298ed420d48e04efb70e13a2d4e70c19673629296ac53ec5f38fb93fb75bfa9af74cc76d93457a84df84464d452c5790bdee0bc9a0b9cde984d0b2e3ce","ssdeep":"","tlshash":"49513606d0008e7cc3578dd67c654019aaa50aabd5307fe0e5bc1a118f345cdb58e7ce","first_seen":"2026-04-21T12:24:48.88207Z","last_seen":"2026-04-23T13:21:42.157792Z","times_seen":4,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/useJackpot-BgMStqQ-.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/useJackpot-BgMStqQ-.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cjLW59rrfLicOu5zXtmj%2BlUD8pj2G0iOUBnmhkKCXmCSkN4Ezbgj3MsorJmTXG7jcoZm5qSdqpjdfrzUzbrr5s6vxB1gWRQoG1pj1MAU%2BhP7iAn9Bj%2FT3FSroBzTkNVrI2UqMJE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb9156b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2472\r\ncf-ray: 9f0d2635df0656aa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfSFghIByqO-qpSeiAGASfCVErfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=17+5 c=0+4 v=2025.5.1 l=2472 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c9bbc32ce28fd80253987f2e1f0be287","sha1":"ac50a6c9aaaa9a3fd32f610e9858fecee25be6dc","sha256":"9b9632ed8ef4f6d25483053b956d22184ee488efd3f8c22e0ef2626b974475cd","sha512":"5863d7231d17d3edf58896ef5332bb631d9a5c27d06fb934be7653a6847b8918e92ccb66090e97c8b96f5bd51b3c9ae112d2c4eb9407cfe8f617da98ea3d3dd0","ssdeep":"","tlshash":"f8513b2e28bac5e8bedcb4ce2f90883a3283b7511ad4c45552d80854e35fb41a1db0d8","first_seen":"2025-03-01T08:57:15.902828Z","last_seen":"2026-04-23T15:12:40.119732Z","times_seen":2496,"resource_available":false,"data":null}},"time_used":466,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index.769yoiwx2cdm.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:29.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index.769yoiwx2cdm.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:30 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 22 Apr 2026 18:40:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e91616-1d69\"\r\nexpires: Fri, 23 Apr 2027 13:17:30 GMT\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JE6RldTXCYqGuG910jlxR5aSVb%2BKsvbc7A7QM2qUn0PWLhpQLrQO4Y3htFRFNH%2FUQBzfy7vyAPQkluZiZn%2FmJtBBkL2yEtv3fl2b34G2jMc5sXjFIYu1QFmHwwdloopIypPADJ4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d26162c5856b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7529,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7529), with no line terminators","md5":"b91c8b135f17b3670718a017fcdb3c90","sha1":"14bf0d508e6bc0f79a09e645be9e75a88c39e66a","sha256":"bdd852c0015c888ee1109a9d941e1678fcb4a86ccbb3972e8b667f11c6a1ba93","sha512":"4aaa6df6b29bf82325ac3ec103c4f3304ee8b1de4ca29a5ef0a64c1f73e1fd9a8f4f32b0acdf42698fd8fedb0453134496543d1c5dcc9dceb8f430f284da634a","ssdeep":"192:gtqC7TOEkpEIjIcteLw9RND+J653Qzo+FG11/gvz/g4UciIV:gtqC7bctR9RNW7grgzQciIV","tlshash":"ddf1d7a0f6b188fc13e6338531fe8f4074e9211a780e0455a93c8fb42be5ccb2552b72","first_seen":"2026-04-23T13:18:15.364876Z","last_seen":"2026-04-23T13:40:26.036238Z","times_seen":3,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KuY6LvXXHllwR%2BbIOVl8gXLYya2nFMVS8po7M9lz6f0yGJAPe6XEl2j%2Byz6%2FOP3%2FbO8Eg2B4lpg3QW6z%2BbIF1RGyuPXxw0rq02eIJJHdTwOqDE%2FDw98vYAGxVypyGulZLCP5emtKFNUE\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f0d262d8e96712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2821,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ed84599d293d187c97aa6f88754332ce","sha1":"f950f5294b5fa13bd1c3950e5cb28b1a2ee241fc","sha256":"599500c94c302ac02594dd87a6652eb51a9f45042f0fc5fc2bd2f3935f8fab81","sha512":"d94fbe4938b707b2595582d942cfd27ada4874b5be459851f77dc5371f705af81eada3ddc170697813c2657a8404f1303b8777279f716eef4ebe08fdce284cd7","ssdeep":"","tlshash":"71514f3646b21421436710683babf31ab23ad2433689e9447edd93005f85f68d9b3bde","first_seen":"2026-02-24T14:23:51.260409Z","last_seen":"2026-04-23T13:40:26.028952Z","times_seen":37,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":78,"dns":50,"connect":1,"send":0,"wait":253,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/RunningLine-CH7nI64D.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/RunningLine-CH7nI64D.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/CasinoTopWinnersWidget-V5-R6cR2.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=dCnMgYWDGKfPNFVZCDRnYL_0PhTYioQrCNETVJjiZ3s-1776950254.901148-1.0.1.1-oIOqYSTMD7fb9jndYNOpRcaXXdD.LXmtQrNAzsck8Uv2ZArM5b8bZ_rhDXAvdyrsyAAbkFULcBD70W_uHXh51thHrIv10Y2bGM_OOZsr2XsuD17nixEiEsP96uZxmnZo; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LW0o%2BzvokmwG4arxMeDFywHrKZZ1AwfA4BJEdbfapAdPYpguRvnTPRwVUr6xpMI00NmefxPpCvqmtSjMboymJyPODLVR8JVwrGyrblmXSijA1nxPLoF1xiug%2FsqzRppDhiwhmw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634cb8556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (994)","md5":"6bcdb91f80d37da6a2e4a7bb6f6e3ef2","sha1":"bba04b041ba9ae72e22e24a501c5ec69d5fef686","sha256":"2af1a90f48dc3ca8cc3ec86abfbbcd85ec472a3de25b8bffd271952f5a8ecf4d","sha512":"1d9bc593e2faa93f543a3cc084d1c0e8cbb9d6b0c50894dd8ba196bb395c255048b902e60178488dbf6fdcb288b165eb30bd308e6b6a9171fec01b82edd4f06e","ssdeep":"","tlshash":"ed11c2569015f6fccaab06d6b53e040c299701a5fe175d90e47e18562a29180bf37fb8","first_seen":"2026-04-21T12:24:49.009967Z","last_seen":"2026-04-23T13:21:42.084828Z","times_seen":4,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-DNoJruNH.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-DNoJruNH.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=qm1PhJWKYf8jzHAhSYpkBarPBl8C8Fl3dHqJv63YoWk-1776950253.7951145-1.0.1.1-gYpt.EzerIwEk8b.MFezG6BIgdBxMbK4bDHCvR.zKgXPuNky_CYggWbxj8MghLTNSkn90t8h6f0toHAOW7dJhvI_ANCy0faCmQkQ3m6GtjP6Bxd0337CSI9MofsgX___; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zLBiM%2FuyD64d4H5tQsZ6pRmRDnVt0qNwiiyOZKwNoUDNGdfX3x4vJ%2BRoLtKkx4PX%2BExeizAYt3hX2t%2B0o0DC3SpzZwN3rNuPzNp17wns0Zl4uLo%2Ft5QDb0S7dlOG3hqRfHYGIg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dca2f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"7dcd3c17ffec3af71ab56d113ac4c8ba","sha1":"8091491c5770791fa28e7aef0aeda85aec3a387a","sha256":"7acab49a2e3d824dc194d2eee3402945bddcbf42026240627ca8d9ddd108bc23","sha512":"c01ccf0217c328b24597c1092795b3bc4730b84cc7fb72d2779cf10fbf90b5510d4c0ee622ef7009a10b4dbf7b185450b9e45bf6af4399a77a07e64fda5658d2","ssdeep":"96:z1SftCFV7h7FHpokS73s91v2InwLRiTCHUgAaQKFu0FdWpA6u6PEDdxrOq+IHv2E:2+kiOHva0FdIuSEDdxP+Y2j8Eu","tlshash":"56c1b75631906530c6d344a6914f42aeef3e6638f00f50a0b23f9c6d3ba1515d6a3ebd","first_seen":"2026-04-21T12:24:49.074623Z","last_seen":"2026-04-23T13:21:42.22463Z","times_seen":4,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoJackpotPools-KN1b5yYb.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoJackpotPools-KN1b5yYb.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=O88YGIxy5eXDqyZefTJ9qrhF4eKlnLm_g1ZMlrZVJDE-1776950254.204297-1.0.1.1-DTeYuH8o6dD7ajKPqKkdgF7mxiEPvHT_CIyQyx2gQU9Ptof3.ol0NYaR4LiJt3C_ZzLIAns1ULM6ji_UJxZz7zmySyD5KWJZOxlU2OtLAfTeDG2gwfuwdfOFYaJiEs_N; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KauTE8GLU%2BHMeB196X1C%2FS6FQX1K1oM6YukfVPQyEVnuXBxMIKC2cYgWp0ljKVdeZ6PvZ1VFrtTV4wm5aWfkn9nRppIPENHYsm%2BFRew6gCTSpK6OgUBTBCt61BGe%2FvpVtGaYHA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fbca656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":951,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (950)","md5":"c7641e21acb04ca46b3240c69bc0e9e9","sha1":"15289450c67bbb58ad7ceeca1e758eeac307c743","sha256":"9dcbf02b33d6d52cd8b80aa0a37ef006775470184050e9385851111bb20f7803","sha512":"e51b1bfd88a1e4fa3545da0668d0c33e405af695569a3807a1783879002671e2fb0a84a2ee9c8eecb5679f1e92d6d97633d0eec6d61196508c734cd377c1b886","ssdeep":"","tlshash":"001121cb706fe2f8d59c18e180a4521e033c2f39f61092c0505c0b3897a1457f579bc2","first_seen":"2026-04-21T12:24:48.87158Z","last_seen":"2026-04-23T13:21:42.121531Z","times_seen":4,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/HorizontalNavigationListItem-CWrC71fV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-CWrC71fV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=vVjfwL513zuRxjEWdiRTtwgavK2FkHhpHFOorFNG.ng-1776950254.1208448-1.0.1.1-Pkk3PWOx7fcxYyYVllvAhcElSVWRNXNgJFNGTuuIL22nF2oAsybJEjHcSZw48lheOqgigOwkx8yLmDzarUUXEVJmjdmHPJdDmskdFFHLMZM_r7z0RjtalDl7l5ztlpOM; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bCYENHLyjG1IGTYTIWJJbvi3XfM3GGgI5pl5vSf3F9dqHkyNDQ2wlsEQsD4MPIZQ3pDIGTo%2Fx7%2F2vm48l2gUOPYRRkHCxU5iV1BXU2FJwPK0XYNILZt5qz89VLFCsqqdIKLQYQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fece556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":835,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (834)","md5":"af8a8f32218fa186710b4c346897f119","sha1":"28bdcb466974248e4fdad615090d10e8178db51a","sha256":"94c5a4406442328428ce239ae79e35a17048122e28695857983f126a1c4f142d","sha512":"cfca7922b2bf931f048f826ddfa2513986322801af3eaf667dfb09f7f1629865b81e5cf5f5af9e7aa672f10d478ddef3c080777fbb71f236f224c8bd4da23073","ssdeep":"","tlshash":"0301ce16f004dbbc9a2b48dc9b4e1045b2964affdf382cf1a4f4a0011a384467947fcd","first_seen":"2026-04-21T12:24:48.981785Z","last_seen":"2026-04-23T13:21:42.166531Z","times_seen":4,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipControlsNumpad-CAXDjwGA.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipControlsNumpad-CAXDjwGA.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=fA..MteM_HOhGdDj_VPeyc.WYt9RSNtsh7aYq71Yzpk-1776950254.1397-1.0.1.1-TEsYjidYprbs9q4rwglJzFpeYLpAY0GAyHm7Lqrg1D_jMvvRLoAex72sQm0B4KBgRJ2Uqu6wUYC3E7Kqwp2UNNnLQcBWXPjunsP39UvRwxIFlQn_Nlkj3o7whc_myEDF; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RnQxI9UJS1xfbSVLQICv0JqKwUhWz9jw%2FE%2FEbvdhfVP1guBZRczDbg7XvVA2NpaebmskN58z6kqHCMLw285yp%2FEKtswlqCRuPtl2asGRzQwTb5Biy%2B4D6oABhG56zYUad7QJng%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd0556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2607,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2606)","md5":"afbb768c0fa9bbf5976fa3307a1fef58","sha1":"02db4f7af2328930f9a45486c6729248e4b0f88e","sha256":"890a2650543c557f657c8b7e22ffb5a358fe1e418ffd255f364d849d093bec97","sha512":"0a543d0f22bc3f173d758d569d31f97bda8de35bdacaaf0de6e1d5113695575a5de2117690cfe4cc9373ecd90c1d518823323f9b46aa526a2f9b5159336a57c4","ssdeep":"","tlshash":"5551dc51b001ab7de6778aceb53e0020b00f2ba8d66811d7e47dac64bf6966570436df","first_seen":"2026-04-21T12:24:48.913998Z","last_seen":"2026-04-23T13:21:42.246458Z","times_seen":4,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/casino/partners/751/platforms/1/games?category=28\u0026limit=12","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/casino/partners/751/platforms/1/games?category=28\u0026limit=12 HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\ncontent-length: 1282\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=PPHoZXToE68xBCpVvpyGe2rPMMw1kDbJ2I4xl57JZOQ-1776950254.429943-1.0.1.1-3TfC4bYLWCwSGbQm3RQ4_bp9DnjmhYjpQRSk5dkcqtI3dH1sMcyr9tgSs7mOCDj8WxHSNCtVomALDTa2hRPO9A4cFK3HTF.qsLkL7It_TPrKeYcMRs2XmOVRIV.erOIQ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uLd7AckrAHDLCZbakyekl41848VhgkcUseKzM%2BnmTLfGGYmOBugfv%2BCJS3pjRlsNZHRIEuYwwfxSKEg8hoF4gFE8ZyaHi2Vce1tEAkgxkVgADoBwX3eBtlZ9%2FdxkXJZMQjCoM0iJmRwH\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631bf1456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6313,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"81cef0fcfc9f6204c1bb9618e43e337a","sha1":"6c823bea85f709522723fd581fb49eb1a3e48a38","sha256":"dd800e67b8cb4c4f0320a5c7ea5d407ea614f7103a5bcb6bbf9e676e6b6c42ef","sha512":"3a5bedd1c3459c50a22a0ec947b7b64f891b992b17f10baba4e1fc596f70d5cfac80ef377d5078d606cb19de1066b1ee2d8c74b997077e061525695765982e43","ssdeep":"192:EpSpFvUQpFCPXXpFC9iqnhhFCdaFCF/FZOBUBupFCOgSqn9NXp4t5qnkLe4/g2/G:UGt0Z0jTkoUtRf8fG","tlshash":"bed1f0894924fadfbb5a0948b4423c4cd97e13c2778d7d50cd968a5f60da0e512336ef","first_seen":"2026-04-21T12:24:48.963566Z","last_seen":"2026-04-23T13:21:42.24595Z","times_seen":4,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/gameDataProcessing-DhO6G1u-.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/gameDataProcessing-DhO6G1u-.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=66HF2eHql2kaC5wlsvIkner5R_LiCXxr6p94fvkZWCo-1776950254.8771229-1.0.1.1-E18kVlqNpMtGdeVl_0ccXkwknacOvSI7RMu0prwooLk_eqqDNInf3Poo2wtskK3RE3STjqSihQlWQR09p6RKh8Aqn4Bw1G85POIhjd4cshDUTSHSdLF5nbi_Ke0Z8S9a; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=njE3OzaWYwjTlgpbPUkPoKXUNSkOkK6RZV5X0S%2BLBtt6OXa8pf0gbKakC7xgo%2FD3FJX2mfdfzh3rwxSR2Xo9Wz0KzrwWa4cCF8mUQS%2F5kswtk8OyJZA6MdwtN05ZAQiVm8OGhA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb6456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":17258,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17257)","md5":"7d92add8b657e8ffc36532ff4e0b20c4","sha1":"ea6fa4217eca2597ce402372cf1a9c46d02f8258","sha256":"0f58f99cedf29a7eb280f7965407701e051623228442c7c65cdd239fa5697536","sha512":"01c712a4594347b2506e51f0ae0703c892fbc95b5577941162783a1351f62d19c10663715fae7ffe17a3903efe1bbe02ec93a7704db0071e323e7654d0357c42","ssdeep":"384:9wphrrZxhxlVz12awqhvTXDsB4Pzenac0aoK4A1n1:9CptXDe8Q5X1n1","tlshash":"a572750b8a024c12c97e4639c0ae15f1b9781b32e8b8cdd11a555c7afb5fa5b31e1738","first_seen":"2026-04-21T12:24:49.004569Z","last_seen":"2026-04-23T13:21:42.126028Z","times_seen":4,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-Bold.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-Bold.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950255167; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 74184\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-121c8\"\r\nexpires: Thu, 23 Apr 2026 13:47:02 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1832\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=p5G8Ruw6PRtgb1QCW8D8gg6eldTi25a6DPPqWEbzJyE-1776950255.2369986-1.0.1.1-TdVewECgMnavfEW11Lhoo66NY4.QS.JbISQPtUCdkQEE_izbSHP99qS4p1_Od45OeJVuOqxONZAUVXI71Q6XRPrYtlhw0_l5abzSrQErFkvddAPrLImn7_MGckKV6viz; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lqZpLBVBwh%2B%2FjozNJ6nUEpsTL2IcYXRT0DZpAQDhB%2B8g8jHN3d5GVS1UE6MSxm8NqNb%2FpqNfXT1KGZPDJzmOHUealDQpUYkM%2FwyUqbzgPIvXWogfBgLpsWm7F1ZnMM9KNAVEKg%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2636fe5356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":74184,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 74184, version 1.0","md5":"b270a087c3e5691e8dcd9c65c47146d8","sha1":"eca2667e8e4bde8fcfb4f7bf60bbb173b253f012","sha256":"a263682614bc107fe67de6eed6bd2e02a7225cba494c307732bb237bd5fe2e5e","sha512":"7377ab397d9ad4f74c194429c95372d83899fdb831cc2d63b80d84898be9b14e6b43889470ac2b5ef017989e5ab1d3d24b74dd461c9781c83e14dc9ad37b7b67","ssdeep":"1536:0VL7PKKoeF5SBEVL8FqoDceu/+6ab00LtFbsCbE7pr:IL7PZnqvasb0EtFbc71","tlshash":"3a73017c44e03055ecfded5b329f20a3ca3863e258d59e88fe79099d1cb6bb8118b449","first_seen":"2026-04-05T07:31:10.868394Z","last_seen":"2026-04-23T13:40:25.938517Z","times_seen":21,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/css/branding-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/css/branding-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 21 Apr 2026 03:54:35 GMT\r\netag: W/\"fe979c92a5ad992510e5629b84a23526\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206480\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265dad16b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19329,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19281)","md5":"fe979c92a5ad992510e5629b84a23526","sha1":"4fee6cd9de53fa82feef4042aa83202f4cd194a5","sha256":"de84306c96c98314e1a796f26df99a70f20590c535a678215d89560007b4dacf","sha512":"633913cef35247da29e85dde7c279353761606e6c508690d4d5924aa89f563354e44c51b053f785800fd3b599feb8fd2d69a2fe55162b4ccab95c84f8ed8739d","ssdeep":"192:XeI2u2acuBLZNgxYe4fbfYLFFDw25lYVRgtUramxi71NZcFRKV7:uTTacuVZNgxYe4fbgL3w23U3xi7vD1","tlshash":"af92dca3b9e310dcd557c632c0d1f67ca82f9a24c357c6e3a9037bb986827d7264198c","first_seen":"2025-05-21T12:18:34.239407Z","last_seen":"2026-04-23T18:02:33.570647Z","times_seen":29385,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/RunningLine.DYr_M994.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/RunningLine.DYr_M994.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=xtf6TpGBAHJgBQl.dwP0eLbID3Wj9gyk4u5ArmOB_NI-1776950254.1506233-1.0.1.1-hnhPWv3ryXZLLU7QuFnw88CkgaBikH4KkY5W.wY2yeaJIgXFL.HSZZnptn.iW0nw1dDN88VRJQjtrtRz8pWD0cvsbEbl5pQAc9vxkuWm1o1TvaBqmJhmhSYKSujHk4w2; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mvOv%2FKU7zILX0qEj6xfEgjEc8OWCpyZjOZVlnbhwRKgBNaSKq5qiE1ALVCisCLwK3Czaz%2BkqtaqIXSu79fbrRrA7rxAkwZQU2LzYyq91D1Fc44YeMPRLDoq9Pe597rZNZhUzww%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c0856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2968,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2965)","md5":"6821e39dcc86863c6a566780d4517c28","sha1":"d2b04c9643ecea6a6f888c197c8614865d3d1ad8","sha256":"5e60af9525776da8e3f7dac0aa0bfa478a5a4043273f00413a06df4c15469cdd","sha512":"44cda4942b5ca915669fe30d2a0430f090cc05ba2611c77764b072efda5942fcc20533069848d525a8da0495513d60c1e1b5fdc89df7d60a28eb44a9ed581fe8","ssdeep":"","tlshash":"4251eb02843624a457f3af2b7fe0935c9c2051bbce111e5ee89f166f03626d42a777b8","first_seen":"2025-10-03T22:46:16.696159Z","last_seen":"2026-04-23T13:40:26.046576Z","times_seen":56,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameDetails__platform.D2S0gxBF.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameDetails__platform.D2S0gxBF.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=.sMHa4R3csQzmOr6K0UCJ2V7t6u3Ono1qobZOOCcxs0-1776950254.1332655-1.0.1.1-ifse4X0WNMrwFTZVIVHk6k0h4InTXWrdNTKlK.R4MZSm2A7oWjQX8VZkHBUC6r2QtoJm8RMG.88KufR4S5YrDZjPCPZsh4xKzbI_3kBdKUcxWFrNdRc6hJdaatIX.ZE_; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kfw%2FohuLpaouyZMKmjaZaLivOnXCj8u2LLFktjLFnRxSbROmsG1B0IM45H59ogh6Rn2Oq7QUO9eTxYbCYyEVoMjb6heueLTA8TmG0njCERKKHC%2BIYtqOUIy4vk8t9inu1BCZjw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c1756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":47023,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (47022)","md5":"89f043e42887006b424788d51ec090b7","sha1":"d4d50584c7b2079e5960f5d48728da3098cb233d","sha256":"88dc821b38c13a603f1feaaa9177fff429f10f4322a0b40e6b3ce2acd213bd89","sha512":"73c4e9190e0a20fca7ef717db1be40da03ad4906faa296534b789ea6f9162fbe3c0a09f4ca7c51b87a7ac117b7b4180890c79230e78b936a593f5dbaa612af8d","ssdeep":"384:e41xmWxMkf/UPcM0S4Huj6Yo7lCRoAgFWhwBbHg6zpNS64cqCatJqJU2oAHP2KG:5NxFsPcMQuj6BCR76zpmJqJU2tOKG","tlshash":"3823432be69d4a9eb03b9427236c7a8e5344e28bee206d3c7ad2af7d74447041431e75","first_seen":"2026-04-21T12:24:49.097401Z","last_seen":"2026-04-23T13:21:42.222579Z","times_seen":4,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/MarketSlider-BVrbva_v.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/MarketSlider-BVrbva_v.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=sB1lvNLjZ4kiC5msfSIYpkwA6QWgWw67sYK6CQnTimw-1776950254.3116045-1.0.1.1-d26IkSRUDJmL2OkBjC52LpnN2e0YklO.03Z03M_xT9kl6zja8dL7Ce6TOy_n7wDdA_8mDmpMHzJYE757EOj3Hr4pzmmgkEbhYIdATzVI4LSB92wbw88zrX1ATtzbZFSg; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g8H19xPmLCHf0PYfyhGvg5ks8KBiuxFzsmRI67stRgeq18%2BpIfcD2%2F3%2FiUrG%2FLdqyHmyjvet5%2Fii1gpPfEYxq637j0qb%2BjmvR30BqvPS983bRkHEtyppUq4S0QpYKfSJT80fyA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26302d3f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":699,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (698)","md5":"4e46f6f2adb9e911987e05d839d0789e","sha1":"258094b1669b4c50fb6c694fca472ef42cf28306","sha256":"0926899db74002bb6a8a6ebfe890d69d802b2c6a0022f09f517fba863940c2af","sha512":"6e47510400dc885c5a0f2a654ade997cc9cb93f4cdf6ae5ef955d3bc69fac22fcd375a6340cf80dc03a17270b7a3ff7edf00867b3bbfbd3e8c004d51f8c821cb","ssdeep":"","tlshash":"7c01c0cef400c67982a5058ab2b5ad4017382595b71091f0b07a0ed55d60c8dd2defdb","first_seen":"2026-04-21T12:24:49.011851Z","last_seen":"2026-04-23T13:21:42.189142Z","times_seen":4,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"geoapi.30btcoservice.com/?type=json","fqdn":"geoapi.30btcoservice.com","domain":"30btcoservice.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"30btcoservice.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 09:12:29 GMT","end":"Wed, 24 Jun 2026 10:12:27 GMT"},"fingerprint":{"sha1":"B9:1F:75:76:BC:B9:7B:E9:F6:0F:E1:CF:47:1E:70:58:3D:CE:72:DA","sha256":"98:10:14:28:C2:C0:43:49:EF:BB:28:85:FD:58:58:F1:2F:F9:10:20:89:24:83:E2:40:E7:73:03:FC:A4:08:D4"}}},"request":{"raw":"GET /?type=json HTTP/1.1\r\nHost: geoapi.30btcoservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MPNg4e%2B7gTXRAqiwHkC%2F1Yd8BQCM%2FjoAaNDCFqnmehCqxfJnaJz5ZE%2FhxaEx6P8qPZhZe6gbsFbIu%2FnxCbkNqG%2FcT3rNDJjQUU9nRsUdrKvTagbu0GR43yaJF0c5pL7U404mP2moyQuK4iE%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=vSgB0HW5LGgOnNc62CE4.nLhirJT68bQ.ds9SnH.FpY-1776950251.9410284-1.0.1.1-tWdwGfkKFebEnRN4dUDkYGvKgBKM_yZpEoyNnZ1nwspGwHB4K_53ZyS236Z.EZvJGfy0T2FGtyaSTqCuBS.2ZwMkjnuaffKCzjtEtxWFMLhS7SlNuPPpJ_V.DoW97ROr; HttpOnly; Secure; Path=/; Domain=30btcoservice.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\ncontent-encoding: br\r\ncf-ray: 9f0d2622a94fc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ae0c7b15f7b07d5287f4f56fc107254a","sha1":"dec4cfb67f23a362cf007e3414411a871f42f8b4","sha256":"e64d2e0a65cac499cbd1024efbfdd31a982c7a1d825de1b2bdcd6e4001e7854b","sha512":"74b1f188e6f60f077ee12e4556f5d70f415e2e0f89f8c513a50df271545efc9d30f25d65a4ff4acd1cf25c60d0a70fd5664bfd72608ac1b75237a02981991b8b","ssdeep":"","tlshash":"c0d02218184d8d8aae34c2882a4fa9331ab220ccc28f40c4828aae31c3d86ec3288840","first_seen":"2023-05-08T13:32:10Z","last_seen":"2026-04-23T13:40:25.923253Z","times_seen":133,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":78,"dns":40,"connect":1,"send":0,"wait":81,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.gallabet1075.com/svg/Promotion2.json","fqdn":"icons.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /svg/Promotion2.json HTTP/1.1\r\nHost: icons.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:14:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=AodGA5SsIKKdRu3pBVVS6YHYOyoD552SYW54OrjS6as-1776950253.8584323-1.0.1.1-LrjHUP_4Y5cKtGLlk86qfjnKbJ3QQhtp0l6AtMnA2FpgXA5WuTqzOfRZzU9qJYcKPbxItkQAEJKDfy9udUkRjUyblD6oW0WVOq.d.glK682WDY5Vn2l0OkVBOZsfJkjJ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x8YDoklwOdtFtjL5agiRY4%2FAGBGPszEaeTAro6tpSHEcjc1G8ME0msWp%2BM%2F%2F2ho7VeruTmPMm7aCbMzV%2Fye9BX7A8wYKn9qOicbXn26BLY7H5uK5KbE%2FU1zE4%2FvLbMgETh78QUHFulk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627184-382\"\r\ncontent-encoding: br\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\nvary: accept-encoding\r\ncf-ray: 9f0d262d5f9f56b1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":898,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"31cbecb2c7e793078b4a8e43100c2e33","sha1":"e073b0e09fcd4244f6c86b8f22206a46c4af9f3c","sha256":"a7ec0feda0f0f44aecb09628876438cf31a3d33de7393d25fc1b39d6251bf104","sha512":"6762313ddd6985ca71ea5e90b3a05664d0d1a3cebfafa6da07ebff76f62a3c9634d17ac226a4fabdc606ddc5c7c7adbb4628f3e0c8a30d5e5f96e574266d2242","ssdeep":"","tlshash":"7a11cce88739e7b438cd1f4f9a3d4dcf3614261a683de034e73eb9c4a61391c652119a","first_seen":"2025-07-08T23:44:04.701479Z","last_seen":"2026-04-23T13:40:26.044893Z","times_seen":139,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":41,"dns":28,"connect":1,"send":0,"wait":301,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"icons.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-common.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"ef55c2917fa4b612d40fa52cb9b37853\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d261f3bd532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241661,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65458)","md5":"ef55c2917fa4b612d40fa52cb9b37853","sha1":"548208300127646c9b1c4fdbd48f339529085cc8","sha256":"c98465427daa15ca6b0fd2babd8a0589f0e572a919ca414e6feed77469db117e","sha512":"085155ed16045df9fc364d150b803ee63ebf9e50a4f0c7a26ed9b8fd0588702237320fe15a0fd4ec0bac12307303872abb39f089e0da4648979517beb0a75d00","ssdeep":"3072:tiEIYgAYqhzhT9dyWFW1WfifM4AOqMxzjQi4IzxLMz9YZ15:tXyWFW1WKfM4A0xvZLMz9615","tlshash":"c634c69df186b47606a37130501f320af23a685ab45ac4d4f636d8e1bd789cea133f79","first_seen":"2026-04-21T04:02:24.315761Z","last_seen":"2026-04-23T17:55:40.617896Z","times_seen":772,"resource_available":true,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BJ21FeBp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-BJ21FeBp.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=YEfzJYbWQsz5_dfLYA1tPWTqtnGOFmlNxZ85sPYXBTQ-1776950253.4007826-1.0.1.1-fhgHF.Vn9XqY9BFcT2j7ISCs41yVEtkhVYMv8dY55c9VweCNPs8VHdG7eqHdNLgplVHqLq1ynfbotLDkwZz7rFlRSVsj7KwdfwvsZ2bVR6bQXdvGsF9AXv4WSQJ_qon_; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BNNijFvZSrzPf81Qg6Ch0YYXaQ%2B6dS04rA9AF8knwRXqQaPU%2BpjE6p2x0CwgcFStRxMH5oOlZuJxHjak7%2BXrboKrhxBWj0wVMf6HhyT1PGdiOg2t5cRRgzzOPuRMzxJ2AnWQow%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262b8f1d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9d93ecfbc55243109c8742160b35e284","sha1":"5cc1c573dbdd97cd1d0e239ee4a3003a49f64094","sha256":"aab1b4236679b9462c2c99e800555e4f4bf526bedcae296c4b33af62be729000","sha512":"59545f5311a35a7aaffdf5a0d5c6a78740b3f08484da0e1f2bc38d6ff1c03bb7f92e04d2d7289a5278286fad774947b5aa9656cbe2c3bd6294dd5646f75a5d31","ssdeep":"3072:mQwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:VwhFHU4HNwFH7MoOWexZFHV","tlshash":"01f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-04-21T12:24:48.87453Z","last_seen":"2026-04-23T13:21:42.219852Z","times_seen":4,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/ExpressOfTheDay-43DWSrHP.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/ExpressOfTheDay-43DWSrHP.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254443; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=0m3LfrySGuxOPh9hZqSm2zI6i54jy0HVhH8CkQkFBpM-1776950254.6058896-1.0.1.1-ryZge8c8W5nDEU0kouEGUycbnDggitKtw4LvSNN_3lrClJKQL5cheBIQBxRojTWBHa4AMEUL9cDh1Mt2TesvZPEHHtXGU6XGuBspTil8nIF7alujIujcc5e3Nd9m8YN.; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mwxMXr9TE3cxVQykV1hM57uRL5%2FLrnSvPJbtVWEwsfIisuzjy0Ka5sD0ncOy78IGDH%2FpElJt%2BLHytmtnmuhrYLykIDi95Po2QyHZMFuY8klsqaZPQSD5Rycu9pTdEFJunWX4tw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2632f8fe56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17705,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17704)","md5":"29a4feba57dc978d4cacc40dd9c4484a","sha1":"9c5bc3381940ebb51fc21dcb34599bb7b3b44330","sha256":"2d0b096bfb50494d69b04b8dee99ca90e503795ad31e571a9c0bf43eb5c1e4c9","sha512":"56d290b4472b91cfaec323eedd93d2f80a711daa22a76009501f6e760f75ec0a3df4313e63416edff564e0253cad818a58745211be27e43e44c523d7e93697e5","ssdeep":"384:GzgLUxzpiANNygg/aazRObFUSczDwLhg8fTddMKnLLyHC4EK3CH:GGUxViAKgg/aazRGF3g8fTPdyHC4JQ","tlshash":"6982f856e009d67dda3e04ebbabe600530250ed8c26106e1a57f1c2817dc45636effed","first_seen":"2026-04-21T12:24:48.902861Z","last_seen":"2026-04-23T13:21:42.116675Z","times_seen":4,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/check-auth","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://galabet.winwingames.io/","date":"2026-04-23T13:17:34.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 22:12:39 GMT","end":"Tue, 07 Jul 2026 23:11:19 GMT"},"fingerprint":{"sha1":"90:7E:2C:27:B0:AE:B2:70:1C:09:CA:A5:EB:B0:ED:3C:FB:33:60:E6","sha256":"D1:CE:FA:9D:79:3B:F6:79:1D:CD:A2:97:87:52:B4:4C:7F:63:B5:FB:4A:22:66:FE:29:5F:38:F5:74:60:9E:46"}}},"request":{"raw":"GET /check-auth HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://galabet.winwingames.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lk1e%2B5rHtk%2FdYjwgGFQOzE%2FeOJ2sfVwRPS5mJzuE9sr0bIQASo1kX8rMTgrLk7SWN5ps%2Bw0Ed%2FtkKhZWElGojOhGLaFC1QZN3r12QYrqyHzcf7vb6RQapr3DBkp0HUD4kUtnD2mFnu7d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f0d26332f5cdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d0ef894fa1c5fc383cce96e2d857de6","sha1":"fe19a48e71f224e79f27804ed7d5632c065e5de3","sha256":"0b3443a9377c829f10dc4dbc281475c7bf89f141d56af637ad5c59b74d00b2ca","sha512":"988a2be034f9f80c25a7cdcbd2659e4310baea3e590b0f9fe75ac9d0d7b1d90a8e8b07f33fde07627f3f61eae405d36f9afd6cbd20061b3088ab844a0821abf7","ssdeep":"","tlshash":"4c70000202000222ea80000803002a3388008838832020200008a02000230880002802","first_seen":"2025-09-21T05:18:37.922942Z","last_seen":"2026-04-23T13:40:25.978603Z","times_seen":64,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blocked-domain.invalid/gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x","fqdn":"www.blocked-domain.invalid","domain":"www.blocked-domain.invalid","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:37.143Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x HTTP/1.1\r\nHost: www.blocked-domain.invalid\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/translations/tur.json?v=1776950100000","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /translations/tur.json?v=1776950100000 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=0\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:32 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=GTs6XlnrXdZyjn98rr0hXelaN4TCKKEaRe5UQQU2lk8-1776950252.272077-1.0.1.1-FJUtlvahzXp_4vjg93a6xy4py0O4BvduhX9bm4pElx58JxiuKJdKkmdwnG.E1Pw_qXjSH06M0DpLpl2gl6KJ8menGu0J4dBPw1lsp3hseMUkluNFfjmNRDm.OM2fAAqV; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RG8rrAtsjZNU5Ng9D2UK8C%2B0cStMSaPnKcC2VgjPOe2BMV%2B8Rlv%2FqYtqkJOb8g01gFF4h6wMyzA0qi2Hs2FJ625G8Viu7Kp2lrmnVgT99HpPH141JYcSckwNT0bnaDoJXtP5GQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d26246ee056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":200253,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (63448), with no line terminators","md5":"db5c3b6f15f6fbccb5fa32b4c3268ae9","sha1":"7980f1c916e76ab4866508836cd3c57ad2f1e72a","sha256":"f733996a548fa2f8eebce32c00ba4a60916d96c4a453b5289615d75c1a466f33","sha512":"7b264235717da947178cb9a241fa34dced88a241d301b1a0dd745617f86b3895847888ee6d1aed37100050657175fed34ed3d79ee94dfdcfbaa940c9da1c2e86","ssdeep":"6144:JeTHS79o2MYbsxplewkbxjQ5kZnHtjxuvy0ITxvw0jQ:JeT2KoJlQ5kBHtjxuvyX1q","tlshash":"8d144c05586e3cfd97a207ce74de9e66b0fa0283d150e416ed9dd63a238c767d22b90c","first_seen":"2026-04-21T12:24:49.077177Z","last_seen":"2026-04-23T13:21:42.177442Z","times_seen":4,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipMessage-BNH9Z4__.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipMessage-BNH9Z4__.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=p2YuruRbL1vby4_m1Thj5bXDG2kIGk93t7G8R8jKhls-1776950254.261554-1.0.1.1-MIhWVcy25gzHl2yaGnN7fN6dLDQSz5V_.O.UCyXZNjqsfAtst.m4jJFs2QAznQ6evnQo6jKevM9JjE5kNeXLMckuDr8OZajHkfkUS9pNW2ZzTcGB3ZZNDUPQ7FXkoqGR; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AAX5CxBu6Xp5qJfBPQcEg0f%2FgrGqGjPSg1s2PQiXgN%2FHCeuIP00lhDzCCBON26Eh7ueNqdKWpNbpUOs2Ve9aZfrFzjfGYdrhs6gCQHqa5NrF8Mz3fpzRCDXkrVU7GtZWW%2BRxhQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffcfb56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1268,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1267)","md5":"9a788dd065734b8baaadbcb7d1bdb747","sha1":"1b4695f19daf85ac64a2efbe2235f7e44d2b7e9f","sha256":"b88acc559e4c6f949219c87afb55a6efd8ccbd70d0c1e713d6b4808ec1039486","sha512":"28dc616aa6a8625492ae8d7397895884faa8bb4a9c72969c67ea4aab10eb60ebb980b0cd7d11bea3f9ab5163d9f064288e1c556752bf0dabf5ef668287d808e0","ssdeep":"","tlshash":"7421b747f2a0db2c87a3096df2583042625401e5bddc7920c5fc394f2f9068e462bfba","first_seen":"2026-04-21T12:24:49.063573Z","last_seen":"2026-04-23T13:21:42.127353Z","times_seen":4,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/userJWE-CerqSAJV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/userJWE-CerqSAJV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/FastTrackTracking-C80GL_Ah.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254343; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=zgOpZZ9HbU9Ai2bMaM19AHqkzhYdFnwtUfG2qAG122E-1776950254.5823247-1.0.1.1-aXkxHFk.6zkAqb8Zcxp_0Mn2ku27DhLAXgiE3Ev6XU9vhS_mqrfokjdeKySYypBSCYnsxHE3b4PpipCyq67MsVqGoXsn6v35DTseocuiAQE.6_FeMWg12QLF.tyHcSpr; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dKLjjKmun7xpM7vw10gvnK3lYjcPpTXjXeSbk8qvRhMwKTjj2nLwboJnzDRxQgieXln%2FWymWS6qwKy3CGoIK%2FigFGM2mHgUcPJF1c2AUXbDP38PURgDy084%2Fptw02Q%2FzAX81%2Bg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2632b88256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"6bfddb48b2778d704fd45ab163c323d0","sha1":"c7076e4f86f6f67894ace0e0d52089ca2688bf50","sha256":"b2bcbb09422f18e8c1958ba892073a808a3a1d889f77ccca9839773ce2396d21","sha512":"dcfe4a77850260272afba1cd0d9ff1115f6f12b414f7a2c447dd8ae08541eb6fea5abee46983f8c7fe0e5fc5b0ae25682f8dbbb8ac77e8ac1fd71f438aa6f061","ssdeep":"","tlshash":"0bc022db088411f785582c501005dc52827039146298d3415a1883aa6a6100bb10ce14","first_seen":"2026-04-21T12:24:48.900566Z","last_seen":"2026-04-23T13:21:42.181921Z","times_seen":4,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/css/fasttrack-crm-app.css?v=bc48296","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/css/fasttrack-crm-app.css?v=bc48296 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 14 Apr 2026 15:09:36 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: KYO5WRDjjhiTCKDvpfQiocpWlm6aZ2Pd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LH13fg0OpyIu492pjYe3RehzAUr1cMi5GZhigymZZ%2F0jAErAJKxgpcjTyO8lO1cjXvxxpufmsKp0b5czf%2BjpIoNPAYYxsIAiEUIojeTXQQ1TKB18maZcFcAXBLpDwPzHNRhO0mnEaYNoIS7kCAYsKfk%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: RefreshHit from cloudfront\r\nvia: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: 3igfga-Kd0NV23xGFgs8-R7Dsz9wWfMn0iA1evaalIBE2tUeO1KnGw==\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"7906aada543698dba1005a917ffae2a7\"\r\ncontent-encoding: br\r\ncf-ray: 9f0d2636dc47b500-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":27953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27953), with no line terminators","md5":"7906aada543698dba1005a917ffae2a7","sha1":"7f00d6655894909587fe280ebf09bf57f66b4100","sha256":"5e2a69854668603fcd556f0b8a3da306e3de6d5ad4dee7a9e9a57ca998269d76","sha512":"262f19709cde3e7abb7bb6d9724437b042fe626636083b80376e35a91d1ea9b39aec82463626711cb60a8c516a1b909d53aac644f056e77929e736fed6d1706b","ssdeep":"384:cFukqharVUf5rKbHWkAB1MG4TmpcHyH3XHZw/XNPalHfI:ckkqharVUf5rKbHWkAB1MG4Tmpc+J6aO","tlshash":"78c2442302c02288ac2b892b73d50599d93ec836651b6dedd7433955c7cb77e3a6b34e","first_seen":"2025-10-24T22:03:16.572036Z","last_seen":"2026-04-23T13:40:26.039248Z","times_seen":104,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":44,"dns":19,"connect":1,"send":0,"wait":211,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FavoriteGamesButton-Bt6bZ8ts.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-Bt6bZ8ts.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xQMJ8pGmVbuge1FCL8y2x3aaN3LP_l5Pc762RPpC2K4-1776950253.907906-1.0.1.1-ydPUefiCcmgozF6V7taLjTLj6qbAyn.qbIXNHOaknDMpUNP46y4dqaTzuJpH2GoAlO2mUG4xXUCQrC2BU_vKyPfq_aVoP1sThjUvp9qo.9_QdSUu3uAecOog99UBr1al; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VKWchZeS5LlQBWogyk7M07ZQqtt6gqLFxQZvvJfOQPJW%2Fc9KNGBluMgEuqCIGf7CSq4rjnxlR3ec68iyRKPbaIc9y4KAGRZAyn%2FntbR2yaX3gB%2BKZewgXQZ2xYLa%2Fn7MruoAkw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d99dd56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"aeb81ac9f4671bd1d0a591aab0baaa5b","sha1":"f2056b313243905dbc9f28e6abc82a26651cb55b","sha256":"91dff9e0118d29a63161b6cf594b615ef2cae5aae3c81301d5c0a669cb1cdf48","sha512":"7beb316d344587f55f7f855735a549295f1863371fb579fd4c6eba64a34488731cef2ac850bca53dfc3bdf9c23f8c19c482f97be437c9bfa952d02f5cce415a2","ssdeep":"","tlshash":"cfe0a34ad049d2f927431ea05517c4242426a47cd758e590409e04643a71466854ee6f","first_seen":"2026-04-21T12:24:48.868475Z","last_seen":"2026-04-23T13:21:42.082172Z","times_seen":4,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"geoapi.30btcoservice.com/?type=json","fqdn":"geoapi.30btcoservice.com","domain":"30btcoservice.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"30btcoservice.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 09:12:29 GMT","end":"Wed, 24 Jun 2026 10:12:27 GMT"},"fingerprint":{"sha1":"B9:1F:75:76:BC:B9:7B:E9:F6:0F:E1:CF:47:1E:70:58:3D:CE:72:DA","sha256":"98:10:14:28:C2:C0:43:49:EF:BB:28:85:FD:58:58:F1:2F:F9:10:20:89:24:83:E2:40:E7:73:03:FC:A4:08:D4"}}},"request":{"raw":"GET /?type=json HTTP/1.1\r\nHost: geoapi.30btcoservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AHjJ9%2FLgckNnGdHHlv23BjUT4sA4FC4%2Fr2QYjBw4lPPzEQa6SHHLOvwe%2BM%2BZui7GEvVYeLdEUhOt8VB02j5XofkNT2HBSvRxJvMVL3RRitmkgRFq2AabrEezzEWtutRZ0Ytd0i20H7UMJNk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=O5YjBYnmt7hYfvAIlpgYg5zF.QIDEE6lCtA3O3W3FwQ-1776950252.2797363-1.0.1.1-tspCQ9tMp7hSfaN6auME51in22ZSpF3dhasaMl3S9LirLYApDxT3JnvCV4SrZ6itsEAXvPcePI5Y08OrDN.vj8JhtNgRsq8vevFtY0ZM_gMARjUZ8IiLOZafX_5ozmOh; HttpOnly; Secure; Path=/; Domain=30btcoservice.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\ncontent-encoding: br\r\ncf-ray: 9f0d2624b8c5c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":201,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ae0c7b15f7b07d5287f4f56fc107254a","sha1":"dec4cfb67f23a362cf007e3414411a871f42f8b4","sha256":"e64d2e0a65cac499cbd1024efbfdd31a982c7a1d825de1b2bdcd6e4001e7854b","sha512":"74b1f188e6f60f077ee12e4556f5d70f415e2e0f89f8c513a50df271545efc9d30f25d65a4ff4acd1cf25c60d0a70fd5664bfd72608ac1b75237a02981991b8b","ssdeep":"","tlshash":"c0d02218184d8d8aae34c2882a4fa9331ab220ccc28f40c4828aae31c3d86ec3288840","first_seen":"2023-05-08T13:32:10Z","last_seen":"2026-04-23T13:40:25.923253Z","times_seen":133,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipControlsNumpad.P1RjW1Db.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipControlsNumpad.P1RjW1Db.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=if2j5rXRmhGX._4MIKEnvqlIByY8kuTye3pdPVmVrgI-1776950253.997033-1.0.1.1-UAYG3JB8WaocwQQ4PuMzRVdcXofgDzkYHaK9CNk3WupDAyz_jU5DRV1N.C20AU25RuMaj69.U3pusqqTYFjLDaPwl.oNkmioGkxK6RBvv_eI7Xbn9RhEpNmOfZMsYtbq; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ET6iEQDd37b82zt%2B%2FyvlY0A8FQ%2FrTeMrgIYwy792SzYbRTtWkAGm31gOVrOhtcnEMo5hXHoIWPwO1f1y79U5vWWrvp1VK2ZdptibJefGYOxLU6YvhJUY9jT11WTopVu1LuFNzA%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c1256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2945,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2944)","md5":"f1b06021c6f0e7bca8cfa1a372a6acf2","sha1":"c8ec376a610de93a1bc0da1db1e48d87e8597746","sha256":"66c8d53991bd2e654604955300c09184c5cfba652b64e32ef5a0ef144b31513b","sha512":"dea5e4674c6542bf855c9002e9a233c47d991f684499475fbe9dced9db249eb7ae5fefd52c4e94d3314c3e245301a3fded1242629efd9053af2b8a6b6dd025b5","ssdeep":"","tlshash":"82519ca3d804223ca732a78e82e1c3cd71259a8add11336f787192b187d31da356643f","first_seen":"2026-02-22T15:45:37.931001Z","last_seen":"2026-04-23T13:21:42.124584Z","times_seen":24,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/casino/partners/751/platforms/1/games?category=406\u0026limit=12","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/casino/partners/751/platforms/1/games?category=406\u0026limit=12 HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\ncontent-length: 1239\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=KzNBUtIB45dsDJtOiYUTQdRHp53u9CynUjKX0EyLMbE-1776950254.413801-1.0.1.1-MEg9W7exjkTW6lNVGfcGg__i7ra0cWaKReOg8cDsYLyN4j6_dSnKUz._per_cAvwUsSIHMr_0AwQipesp5rtTus5z5pVNo18lQfwAqrjXLUZfsAkPT3D_mhfPpBKiUlX; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HI6g0tLmn7yWEH5gEeHqX6nJhV1Ks1lW5SZOuO9eq9WASsNzgJ2h8bjBAmoF8oiQhgPC4yx6iF3dO4zlXZoJM52y8CpKzyiJwpsjxhGfXtXHj0%2BEyMdTvWdcij5Qwg7VmINgcrri%2BVO3\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631bf2156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":5899,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6f5a6103fe6ba5082e5b09c0d93d741b","sha1":"40bb7611e204e050075588eadf986fb930378368","sha256":"0f0c63ac612362ba234683c53c2185d147d95398e135bb02cfca01a4c17d2c6c","sha512":"f48bcc331d0ca5cea36242b6db340724b003d8f387ad6c9761d203c7b21ff102a81f6256cf5eb239cc87fcfd080affca2302442bf024f9961f5d6acc16b5e607","ssdeep":"96:EF1yJo11O1b1M2M31ccd1hi1NXN317mYYvHG1CgC4YYCxOQYYvfUYYvUC:EF1yS1Ed19k1cq1hi1pB17mFvHG1CgCg","tlshash":"4ec1ef4a4d24fadefb9d0a8074423d0d987d53d2aa8dbd50cc5a9e4e60e50f126336ef","first_seen":"2026-04-23T13:18:15.383973Z","last_seen":"2026-04-23T13:21:42.207397Z","times_seen":2,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoJackpotPools-KN1b5yYb.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoJackpotPools-KN1b5yYb.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I9Ssmh23SiK%2FyKDlzVSmFjlm9CyHBZHYTST1cOCOoHEV19LjkSXQyGr2Zj1qUwn1j68eOdKmhc1%2BcOObdRZFkH5Lf4d5EYn0rPs9WzqI3k5WcLKCZMcyf6ERnYDhRbKiZeBZBq4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb9456b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/67f6eba3c3ea8019132be7be/1ioe8gtih","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:30.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /67f6eba3c3ea8019132be7be/1ioe8gtih HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/x-javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=7200, s-maxage=3600\r\netag: W/\"stable-v4-69e6f4c07ce\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9f0d261a5be732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2123,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"3653212a9a168e28e23f7a0ff982e6e9","sha1":"3c886b5155bba5096d5b7b08e368e6efd7fa6e64","sha256":"9f36dd77f4bb4fbe3b56979cae0b0357c113512c3dc73c58987d2a597cb8a163","sha512":"a123769ab073b6d06d72b4593c7becd151cb13b5aaecbfc593910b87ef284a1ce16fa1808cc0db425bb631e96427d6fa3b8c12637ca6df5e5e11672de676197f","ssdeep":"","tlshash":"9c41dfe35b4f1c56926410e90ebfbd4fb87a60da46e8ec924708081277596ad2b8dd28","first_seen":"2026-04-23T13:18:15.3848Z","last_seen":"2026-04-23T13:40:25.967697Z","times_seen":3,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":48,"dns":22,"connect":1,"send":0,"wait":420,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-bucket.gallabet1075.com/configs/d212f7f1f16e55d50593214ba05a0f99.js","fqdn":"dataspot-bucket.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /configs/d212f7f1f16e55d50593214ba05a0f99.js HTTP/1.1\r\nHost: dataspot-bucket.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 7429\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9f0d26361d0956b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"dataspot-bucket.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/pageBuilder/pageBuilderHeaderInfo.json?v=04/21/2026-12:07","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /pageBuilder/pageBuilderHeaderInfo.json?v=04/21/2026-12:07 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:33 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xyEjEFRhARPXXwJhE3SWjRI9.WJpQWE0VFt.lt_1nI4-1776950253.6522555-1.0.1.1-hbVoB1RSI2RFFtf2VQuNzMgrvHXiZivnXABeIOucKwVkvPYwdQsgD8DENX7Y6DvvSKTjB9EmDrgAhxKRJyUgWbkcN2kRrcBCdY.Yi4NmhL18kQoQkVASkEMsax1Qj5Gu; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NFURd0GT3GIEZ8FOmvm56ZPRoOiRFCFxLZbBM6HDYnj3fEWP0PHu9cwu7x7g4h%2F7TQXNzUVf567nUt5n5R8qI7QyEsb231EQTUQWd%2BZvOthI4GYJfE0MJjEYroc6NDiu2SSt6Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262d192356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":283,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a073ab68d03cc285a2ea057683b697bd","sha1":"85214b84cecf1dcad366f847f29f079e47fa4f6b","sha256":"22f8711fa180f3491a16949412c0f771411db6102c183564c592ae3bcc59dac9","sha512":"526285a76199b4a6719d986101a3ebc29b0ba3457af765836b38ce24ec8170528f62c647e3b7acc85f323b23634f3ee1dd05032de06798ec969cd0c7c4dbcc1b","ssdeep":"","tlshash":"26d02b3aac00ed7473d4d413d29067802040a409d744485c9cdd9f6fd3ed3851091b57","first_seen":"2026-03-07T12:53:25.048544Z","last_seen":"2026-04-23T13:40:26.061871Z","times_seen":29,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoWinners.D6wkh6MK.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoWinners.D6wkh6MK.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=SUNXZIo6FWfWPVC9etV7Hgmfa1nNNwVN8_VpN2fOwIY-1776950254.1527512-1.0.1.1-Gy_AYL6SlvwNpm0NH1oIjRIEy0Z_70401k67a3Ai7dTVKL5tLrXa0XHzMldh0nO7rq2SsUN_SVy4BIVT_AxWDa4oLwxdKfY1NmhEKB3BokCBV8T7tGCkOS5LiEz3OqW9; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w5cIIeAGcFHcrVesYgN6UL2ceBot9Obr1DwTPLzAzszO%2BZQhcu9jEKSHJWH7UhbCfSzHhloySvEvjwMnckTifWTItThvSQnoQ26gu8XGFOsyIONH2xKq%2FJNtV2585JVY3wPwfw%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c0b56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":5943,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5942)","md5":"4fed55af4cda2614fb46b15dd85952a6","sha1":"ed43ab46820bed88680ab9d5e889d9eaf10eccfa","sha256":"f77f3d4a79a0ed579bbc51093ca6df8895e4cd1798ba890143fea4686b3d94ec","sha512":"92f32d01ab9bcffe13f7972d6dbbff390185c62389fd388bf62f8439a676944116475998648f1194b2458831b54a84ee7d46067d3d323f99844ffb5e38564040","ssdeep":"96:dNC/PAiELUuMyH/KEwlyUUYm6wl6llLlDlulNAGBc1h8FtmlTFtHjWeBwlEXkqWb:q/PAiELPxqyk4FcVFlBkqWAc","tlshash":"c7c13243564a2b7ab3f7ca872520435c79195c9ecb232b48ada81129c3b36df11387bc","first_seen":"2026-04-10T06:10:39.526453Z","last_seen":"2026-04-23T13:40:26.009249Z","times_seen":16,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipStakeInputSection-vslSA2K8.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipStakeInputSection-vslSA2K8.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=vqoA1I8h.q.ZfU2hXJNolQS_oAUHstko7UFYgfGChz8-1776950254.2610154-1.0.1.1-sm.7Ook6VGniMRL5bPdcQnHysqmWmzhj8QZP9psRojEpT0VUZpywuZ2jNPTS5QdeLomlEyiJ34cghLEsshaBJMbsa8ELr86PU5Z0sACOOiPwtkxthgSJxle0N38ac2uZ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LxdAavb1rmED9HiwcB7vCM9Io7iLJAlLhzoks94KuwlX3pKZC0ImjfaB0R6rmfVyP84f50SydchhCXQL1yjLjVfI0ImfO7XIxPVq9UWkPz7mhgoGsRW7YCEw6W2OPrflhgGROg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd0156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1014,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1013)","md5":"2bdf3c60539e60c464e11faa9ea8bc23","sha1":"e88c9abab73614069ae6b029942b38eef21f4b45","sha256":"e08613c552098f27f960847d5ae657f97ac9c7ef3fdf37ce8432f0f3c57f734e","sha512":"f9a3640470ee81f9d7d312c0fe10e7c27689764ff6398b12dd42371c693087a2d482c719102cc1215614e77788af280d76dbdb8e029b87a182d36ddcec78157e","ssdeep":"","tlshash":"8c11650ef8262afe900209d855af5014603d0c76e1990760c4fe2d7e1ed5459724bfcf","first_seen":"2026-04-21T12:24:48.864448Z","last_seen":"2026-04-23T13:21:42.217408Z","times_seen":4,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/AppSettingsButton-VpAExZZO.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/AppSettingsButton-VpAExZZO.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=elOm8fGqHc195MjsYJS_yN2WqxCRgvUhdfDBEAcw9NY-1776950253.9033158-1.0.1.1-Bkne0KKXHXBdp1GZmTjMYhAI9yhOwjOQ9zgVseDQI2ergtoJbFn6EOwin2c9_gbXLRFUsFeSMCCdIpcwBE6Whakszo52bx3uoYTtXT3WjKRoYtms8HsrQ3ELhUnPMbka; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZCuM2m7yXjN8rokDJwJOzk%2Ficmstw%2FmSz3ihhTXfmJ4t%2Bwq5WkTua1QTsmSaQPQ4c4bAsgLc1y6rg4IfwL8Ai5f%2BNGR1Xh8YGdeQ%2F1y6NWm0G1gWupLcZ2r1Ura6thJzO%2BjS9Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d99ef56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"2b10a9d03e1e17e641edf61e60ea544d","sha1":"21b9c8821975babf963be8d0f702debaeb5e5209","sha256":"aac5cdff48e2bb77a4163e864d943dca18c8a1d3c9415d6f94e1f97baa73f860","sha512":"9ec0a37867716d6efe94a08e7b9034157730ffda234ddfa64318b8ed73e741baca6c71aa48b0cbe524150f58cead6d70b9a60ae3b10e7fc3f88b29f4f2a78418","ssdeep":"","tlshash":"c3e0c08b9192d3fe13e22ee2c51fc6057e566c38c7459a4140bc50a137b4196818ff6f","first_seen":"2026-04-21T12:24:48.935309Z","last_seen":"2026-04-23T13:21:42.10783Z","times_seen":4,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/LiveChatInc-xfcbsjSt.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/LiveChatInc-xfcbsjSt.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=2R0AZMsTq4FNBnTH7Vy_YiAUETtcXIkQ_T31F88PJt8-1776950253.9284804-1.0.1.1-SDhVS_vxDLMlm.ybftMsg.7nIhldcDZzHv7TrZdX5eeU9vlUHx_Wz8MG6F6VvrHW99z7a0FQoI2X8TADu63vCNEqExok8PAkjrkh6VJRtsJxA2befVBFy_egIPKVn5us; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XWsIUJi7Z5DyR9xzsbaeZV5CzWuME9ZMTunDd51UGDkSGFrAu0ak6T4J0FcpNowskL1Xhx%2BDpVI6ExKCc%2FYGPSL6rFZlJ9KUC%2B4gn6mwUJDKHL9XtHEaKz8Z1VFcoNvKY3glPA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dea5156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3140,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3139)","md5":"4a23a3152595007dee34bdb1ab005e38","sha1":"6f9e4dd1d3ac1c2c7a25b3dc3cffb4facc178676","sha256":"636431594cccbdcad77265ee3c2031bdc1bfae03b70859d5a69e99e01a6d07c8","sha512":"cf1e244c74669b5ec1e9f22edbf6b702f72fa5c4774dd4ff68538430d661cb332fa6ce03f8715c2443710d29bd8d443e6231f2322aa76e8ba02619b327fb1c02","ssdeep":"","tlshash":"1b51979de03874b4a37967e6323b771f32165a14a4484cb0357c4f166a0b58b8076eda","first_seen":"2026-04-23T13:18:15.362972Z","last_seen":"2026-04-23T13:21:42.203253Z","times_seen":2,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/gameDataProcessing-DhO6G1u-.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/gameDataProcessing-DhO6G1u-.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=NPCve3otC4e6lHNgB8iofSZqm0V8k8_iH9f.Y6pszTE-1776950254.108098-1.0.1.1-QHcPGL9ehVLvzGljUW6ZT0ljcWwrFzDTcF_n89Z_yaewHevlh.5gozd0aO1kGNkg0gnq9vr6oIDQpMbLc_Jlu6Mvsyfaok33Dl_vKSQsOBTXBxScTxlhjh6nyqVeC6AT; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2BmU6cksn2Uakq7zZ1gPCY0WXj6nXL7cUFUHTXWmUW%2B53tEk%2BHjcTdlXZj5Kdb76QwsXzGyJY4rn%2BXJgQ2EWILwTu5UX8Cq8CSyAFftgkt9I4acLu8deayW9cV0KnoGtLqbAjg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fdcca56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":17258,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17257)","md5":"7d92add8b657e8ffc36532ff4e0b20c4","sha1":"ea6fa4217eca2597ce402372cf1a9c46d02f8258","sha256":"0f58f99cedf29a7eb280f7965407701e051623228442c7c65cdd239fa5697536","sha512":"01c712a4594347b2506e51f0ae0703c892fbc95b5577941162783a1351f62d19c10663715fae7ffe17a3903efe1bbe02ec93a7704db0071e323e7654d0357c42","ssdeep":"384:9wphrrZxhxlVz12awqhvTXDsB4Pzenac0aoK4A1n1:9CptXDe8Q5X1n1","tlshash":"a572750b8a024c12c97e4639c0ae15f1b9781b32e8b8cdd11a555c7afb5fa5b31e1738","first_seen":"2026-04-21T12:24:49.004569Z","last_seen":"2026-04-23T13:21:42.126028Z","times_seen":4,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-int-bucket.gallabet1075.com/configs/928de3c284a560a4ec2990544700741b.js","fqdn":"dataspot-int-bucket.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /configs/928de3c284a560a4ec2990544700741b.js HTTP/1.1\r\nHost: dataspot-int-bucket.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 7449\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9f0d2633092156b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipStakeInputSection-vslSA2K8.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipStakeInputSection-vslSA2K8.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z2EZCO%2BzQ68pddQULHxv8JqaNqvTtMBn5V5V71z1ibCVCMTjp6FIwcNLkASx%2BDZWzYFscZnl%2Fk8lDUejOznkBbxKoEjvyqt7Jzy8fmUXshjKOI8cXOmXU0tM6BMHnEdL5XVfekI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634dba756b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 628\r\ncf-ray: 9f0d2635ceff56aa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfaRKjj98wG78-Q94g8ciN3whHfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=1019+1 c=0+1 v=2025.6.1 l=628 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":628,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"07a8ca43077147f4b93899efbe31ed8d","sha1":"bb87180866adc635991e4867c8222fc4387331ba","sha256":"b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89","sha512":"6d9a2235c65c224e78bd78025eacb630cca9bc9c4a838fd540de031cca2e8c442460eae186359cb98dcb1f1eb867414c6b5b77c78a2f3e1be6f6f36b254111c4","ssdeep":"","tlshash":"90f062be0d21c29ae04842881a0c6c5da472a9b9fb4424c4eaa5f7a67c0319433a54b0","first_seen":"2024-06-15T18:00:08Z","last_seen":"2026-04-23T13:40:26.03574Z","times_seen":2180,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/lodash-CeISZwwN.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/lodash-CeISZwwN.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:42 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2329\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=YjGmqv35C7UFcpyLVk2LTs9_6I0U6.BD8eoqKHSprfs-1776950251.3192954-1.0.1.1-c2uuTy6ZAtNNrwiN6JMd_k44oeSOujB0bJSqo8LJw_aNs9govCLB0mpN2sqlQvsE3osnIg087vI1OJTWHZ2nWI6P44hyQV1zYzSgYCAx027Sg.onO4Q47GHEVGL4Hzzt; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=72pkZJxzFXGzfw3tScM2%2FqblcHV7OMVzJcxu%2FCLZViyFsHZZYIknFic0NkMrRXO3YVmwW459E8Wee8tQ4Pbsb6NsjNvJD0Gt7nxP%2F6Midz%2BFBd7LrIcG%2B3B03wk143yRaNpcAw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d261e7f1856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":165093,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35092)","md5":"0af14a8381aa9ffb9041549dd564ae57","sha1":"b00695d65a43fcb3bce778d4fd6c2eb1ef739508","sha256":"91145be72493b190ca52499d5d945d5a187482cae6add0e36306ffc697aaf446","sha512":"44efa6d772b31bad9a9561c9fc66f0c962b06343a31540d5bc31f3c8aa0c8fda87df68e8466bc810e02085c12a24bb72ef8a7a1581f8f16859b6ac646520ee10","ssdeep":"1536:/nsfx6WucPPRwy0/KHP5c+LBza4t8jxjiFOre/U3nadtDoayvi1Ynu9gMa5joGAw:/smcl3B4eFILYgMdGIkpOuFM7u","tlshash":"27f390c835d7f0a183a7287440bf084bf23dad65a84cd054e1aae0ed7db8919d277e6d","first_seen":"2026-04-21T12:24:48.978952Z","last_seen":"2026-04-23T13:21:42.170008Z","times_seen":4,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":150,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/menus/footer_menu_751_tur.json","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /menus/footer_menu_751_tur.json HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253281; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:33 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=hnCHbMKuDFVIUZbAxlp6OSj4sUTQ9I8uw80aenh8ego-1776950253.4035034-1.0.1.1-rAnLT55g32TD083D_5P_AQjMtRwKL2k14ZllVXUxZo90En3P.66swWu2DC_8Vra8.AnRzLY6KOlFHL7K715uv8ltKHvegsRplG0qbKywUlmws7C07FsJ6PRTvRt3GIPZ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dd91jus3fAi5%2Bd9RZQaLFt5FGTbvHDemQwTjwwRwCEaibHpt7ZdPVndCaLXJqsu7GkoR%2FiKZy%2F0a6Lr7lMOIiJkqTeV5OyK%2FbpyJHGcQ%2FGZ2Gq18Z3jbokLXNpovprUZAp1m%2BQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262b7f1256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":8560,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cb7c741a547fc4a891e36f03de2f52fb","sha1":"e589086845b554f59b1b11b2b498edd0f09d2c50","sha256":"e1f2743754b756e617ee3307f8ac72f50f94263f3009f9aa90aec03edac6be73","sha512":"2d3da210a4cece77d8c2c5a21e57119c60f5010e02e3e86a8e7d3b1df68174b55f59be99ed140bf5760974abf623b8eaa24d96f0808498dffaae7723bf944482","ssdeep":"192:XSk0zkRSkukOkWkEkRSk36kphkpGkTSkEAkMlkk73kKUkwHknu4kQSkvIkWbkCOY:XvTNrLz5Rvn8xTvewIYfQQvVdqO3y/XV","tlshash":"c7024612f00d5576e7087e00bcc7ad0b84ce609dac5d49519d4d8bcecbda5af8ac62eb","first_seen":"2025-12-24T22:39:16.150949Z","last_seen":"2026-04-23T13:40:25.961501Z","times_seen":38,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/flags.png","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/flags.png HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 94974\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:48 GMT\r\netag: \"69e73090-172fe\"\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=T60ZFcFLFrwDIKY2InBrdkJfFSQ5t_jO4_sNqIt8Ivg-1776950253.843277-1.0.1.1-RYrgoKGN4eUV0Z37JA3G8AECcV9a2p6uR7g5xH9J6Vm.XSNRqWhwmD1ju3yogqo2JGT_Lwaomc0qmWpZhbJ0bjTZ9FCD81DV0bBsPWfO4Hg7s8IgMvYEsAK41fCEd6Wi; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gmYvJ%2F98Y5VJ%2Fm2RsTFBeYw7szbjnVj3SleOP21vbwBvRnA81HYsG89emgAU6g%2F%2FdMYnbUi8ghHuTEcrQH%2FiHIPouiH%2BSYZxGWUiW7iA6USU8%2BLytfed5kUb%2FsgoWEwWhTcp%2FA%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d192e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":94974,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 17960, 8-bit colormap, non-interlaced","md5":"02c3b5af3d0ec1f21c51bf21a22241e9","sha1":"c39c097d704c754294e3fbed23b80e502054396e","sha256":"1c0578c469db9a3da5c0b6fa0258f99b2a2ac602d0027ab6fcb7b218c3acbb75","sha512":"bb097e3532e83aa4db8e8dd7cd16d95d83ae77f4cc19207f04f3b929ca695ebcd7f5730e9ea888763108c95028f40f81490a03093ef8d57665c6f4393091dc63","ssdeep":"1536:wxq8h3gUrI89XxfLcduXa08ucH+te2RIr8T8hKdPzgkjM+PDRzSKR2JLDpzm5NLX:Sq8h3e85FquXPAeExk8odPFg+tzSKe3M","tlshash":"509302ab06de36c6e10b2e9408902d3c720f65fdcba545ad497cc743d8e5a68d48feb4","first_seen":"2025-12-12T09:55:43.277784Z","last_seen":"2026-04-23T13:40:25.947344Z","times_seen":548,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":378,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameSuggestedEventsWidget-C2pyJjPN.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-C2pyJjPN.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=qDzfCGHqCI5CoxUR5K0d2.ScDiBv6T0TPq.ZPIKAp2M-1776950253.7870488-1.0.1.1-9e__B5W9EJwWVbZOYFynuVny4KTipBHhdlfhdCusQrDMjpBQtIMY1cR9DKBZIooTSY0vLEtgCrQ0YHmNzIUBhlpSeajCQL1lOUG93UdAwdd0UKhGNYfuWsM7gfSAebDf; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lXHjWWphGyjumRA6UakwWFv6YQnsYagZyUOKg9SzFsZ3CTV6mkGrIq2E%2Fh0%2FxsjszzclLhpN8a4s1%2FPX6pSyNDcGFCrith4Paqb3TMI1oayP%2BK1fH%2B2lwIi2bAPVDbXb5XZUMw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dca2a56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":3709,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3708)","md5":"751a6d9bdce905b3da67bde527735018","sha1":"6eab5e951f1ad5abf219a195b0064c1ed86a0fd3","sha256":"b8c08c5a6a2762fc27e6450bd245d830bf789c22e00d40948de00d520000195a","sha512":"9bf68d9935943ac61e80e726518f708f6cd5fb3da4b1486be866d273c6148578c2ce7957eac09fef9f069b8ba5005e8ab9fc55ee3180854c183261f23860cb21","ssdeep":"","tlshash":"2971c646e010aa39917741d82bdf3119153632b4b94353c1b63fca3123e2592ab9bbdf","first_seen":"2026-04-21T12:24:48.990149Z","last_seen":"2026-04-23T13:21:42.13639Z","times_seen":4,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DepositCountTracking-C4f65rk6.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/DepositCountTracking-C4f65rk6.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=twr3Yz7WUzy2U9qfT7yGazryu4oBf_g0CEtjaa5vnlo-1776950254.0482194-1.0.1.1-8JgEdoCEPRfSV2T1T5RW5e8I5zrahIjyJ7qYW40xQ36Ilx6yyUFGCPS2yLjLQOEJTbSD3xx3UCAdAvgM1ulQU5qDS8aIAHFYh6P9RamaNaqiOBKb3erU2EIYSjbyPLou; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kZaGCS7B3XulY%2FXnirTTSlmN%2FnIz8xN%2FVDxYB5G6OHh08myssH3hFF%2FKSrw9tMiXWMzRG33S%2B28Tjzfd5FkEmKxFr02vRbY7LH%2BpaTxM8ipimV6%2F%2F8yby4ev56I%2BZ%2BVmx%2FzuiA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262e0a8256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"60f8ccc683f8e04b4d2bd5b46692978e","sha1":"a92629bb533866e0209a7cb4c588dd6a6d9aca42","sha256":"d7ac00917578c665dc9c2a20814ea59fc1c8582fb6b59b1e8d6dc5e66f43485b","sha512":"479ef92d357834a97e1b5b778ae0d90836ebe97dded4b150de9c50b144d8002410ff0fcfaa510f6ede63b84a17023c376a5e0d55e150792c568d9f359507ea4d","ssdeep":"","tlshash":"9df0dd9b68b8d2e58a493a8472c6d8e363f0650dba5689c385bd4d4a0248012e4c8e1b","first_seen":"2026-04-21T12:24:49.022744Z","last_seen":"2026-04-23T13:21:42.221091Z","times_seen":4,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/usePriceChange-myueINat.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/usePriceChange-myueINat.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=PWGL6arjkBgsV1rD06_6aQi.TKmF37DATECN8rbIg10-1776950254.1281674-1.0.1.1-6H7QmqMUsaQk.fo61r6EZcGTwN3bYpYge_37rmApDWTDFh__5KF8uum4ynCzawI_IcKtTsBcABz5LBi8ZkLbw.iB3xCGoQKUguk36Z4bH9AAfK6WBX1FzX40xw4suX84; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ldK8qNQiu7hnPmJJjiO%2FocLs5a5N6quDknGerCcmcBofTHUMqqaPdTe1%2BwRSboJ278WsMQ%2F8hWWwVe5XsMrYfg2nzqvQjFn2Le3nkpsJWGxCYphnNRM%2BMhFpnhx7BTrLrLJL9Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262feceb56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"4295f4c6125344dde02e8b6937f94a4d","sha1":"f1c4952e3da24d3fc5cc4539d0a24cd3f6a7b423","sha256":"f938915b888a934d449471981f2d0496cdf2b87214d09b96f2027f561814e1d9","sha512":"f40c16a008b3d9f9acfce3584d8729a3d1a8b20de0f73f0629682b64621d51c7457b411f0573e200597be86b87c7e9475166fb21d30677c0b16f58e9c1323420","ssdeep":"","tlshash":"f0f05cbd14901813545f0cc4c26485971fd126d56bbdc31eb230882d37589af06aef6a","first_seen":"2026-04-21T12:24:48.898294Z","last_seen":"2026-04-23T13:21:42.165197Z","times_seen":4,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameListItemStats-BXlmppzY.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameListItemStats-BXlmppzY.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Ux691vzppXqLiUFANZpum_0HGZQZvs2MRV31BFDGkFE-1776950254.8946407-1.0.1.1-obw7ThkPgxf0AZCMTcSpe5n4ZWdRqYEzOuXX4eF0Pfp8KlfkytxcnfRPL0Kcgxx0joBbhtZG8.O.fIl15WUEOCrtR9TRNZVCEZYpChsWcLmgPzwajhRows9A6ZAtpEpj; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hNFiTbe%2BMqzyCzRW1eZj44nZ9Via1D7pDuJbTe%2BMEhn7qlKeu6C67L%2B2vp4VjlgP3xXCG4A%2F7LWTwMIUtxSwYe9DjC5n%2Fhp8OQkSDVkn%2BZNc9XtflagptfZoEATZjNlrLlWfiw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb7056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3870)","md5":"5a6ad4919fb9e228ca0e1d839135878b","sha1":"7bc35eed27701315327f9b369ed74d92e7473911","sha256":"c88bc939f2174cf36b70cfef1f47432681161624ec76321a8f91aa62c701a279","sha512":"5ff28aaf23042d2f240d46fff8c7632a2b09356f3400d0093ad4651d1453d9be7abb4bde81f3c6a0f8176d866f13fb2964bf2d8b002ea6a7bc4aa0990102c9c9","ssdeep":"48:jOrkT/A1GF51Nf7/89lCgIGl5SLsK8vCK5Jx5fTYyx7XgxYzm9/L8umGus665LQj:j9A6Nf7/8jC6SoK8vCKfxay9iua8kQP","tlshash":"a791a69150745bad753d0cad659faa00205a072cee58caead5bd1f2e326c04e7337f74","first_seen":"2026-04-21T12:24:48.941466Z","last_seen":"2026-04-23T13:21:42.114814Z","times_seen":4,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/usePriceChange-myueINat.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/usePriceChange-myueINat.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=FaWy_z9ifGdpG5KbcgkgIFTcgzEvjGCREK8rEyE46Ek-1776950254.8869073-1.0.1.1-hfVtX3RsBQaq8hSD2CO8.Y3qOB.vCeUaB5KfvAXz0ywwC6xH7WZJsnDkvTtY7wFAIILNa7DGAL4nfmrChOOXZmATleah7jKFZZ2jDR58JrpXZAsJCvLmIOXAuZygNpGG; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W0wVdfw7GNHBntxZP%2FD8Cd1VhFuEqYf8E52%2FMb1YCn7OzXwYJjr0u%2F%2FKNuaD5R%2BV6%2FVUZFzk84%2F9Roxv5BJovlhaEhKT%2FHPKhn28nH6hKOXJyYXk83fYkOtWqJ%2BF47VGnQ5DXg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb7756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"4295f4c6125344dde02e8b6937f94a4d","sha1":"f1c4952e3da24d3fc5cc4539d0a24cd3f6a7b423","sha256":"f938915b888a934d449471981f2d0496cdf2b87214d09b96f2027f561814e1d9","sha512":"f40c16a008b3d9f9acfce3584d8729a3d1a8b20de0f73f0629682b64621d51c7457b411f0573e200597be86b87c7e9475166fb21d30677c0b16f58e9c1323420","ssdeep":"","tlshash":"f0f05cbd14901813545f0cc4c26485971fd126d56bbdc31eb230882d37589af06aef6a","first_seen":"2026-04-21T12:24:48.898294Z","last_seen":"2026-04-23T13:21:42.165197Z","times_seen":4,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipPossibleWinInfo-BODkpSVE.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipPossibleWinInfo-BODkpSVE.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=PAo2zT6Kjt.c0QZqmr4JbQPiQ4AEQW0K3GJlWGrEyPw-1776950254.2946367-1.0.1.1-6qBZG7AjVGUdCbGrn1t8m4AxrYFJdeD7.pQ9m55udb72XLCk.arrM9c2ZUmWGgd1_YNszeUkxZMBZJVjVCyVGHSgcA96jSzJTahxIvYoQSuhIMokhr2ORdjiG9PT75g_; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XLlWupOkt75Gai9%2B35CpBLmMd8jQD6nOaVn6MCpRKG7MIvR%2BJJHeDHZBW2ogBFv1vqqjSoVdRmv1Ab7e9MDLRa5GuU0seSkCPzsV0I9kBmZzmcSz0LQC2W7ZotsmX0uhgC3qJg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffcfe56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2149,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2148)","md5":"aad3864d0ced213a2758771417e96758","sha1":"3ab8f87457930f5085e69132786768feebbfa6ce","sha256":"5d319ebbbd4232944ecad0beb30af546e5a9cd6367fecdb61c66420a19adc6cd","sha512":"c8e861d73d9baf2bb62c4cabfb0428880c35ca3e237b7f77012872039caef4369336ce736cc5fb5821dae4d981c3401587ea579086013da48f9135d94aa52a78","ssdeep":"","tlshash":"f0415a11b414cbfdc5720dca794d1134b00e2fa0eb69a191e0fb2e2896bc9d67641ecc","first_seen":"2026-04-21T12:24:49.045458Z","last_seen":"2026-04-23T13:21:42.188302Z","times_seen":4,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/MarketSlider-May5T4d_.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/MarketSlider-May5T4d_.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Rzxh2.9AwTm_nYJAvNv299SJd8ojly9o6.Ijxa9JvU4-1776950254.2840881-1.0.1.1-aP_1EuXNIzRyo76ZEYXil53X_cJ6aSvfQDF5gN5EhJ3FSerTigyY1B5DH.4OAFXLedstg2JawAkQx120S_UJvnDJNLVCWwhDLD7OcILKTI2PP5hc56CaRnJWlh1qoV2a; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rnbi1OvVVa2qo%2FUoxz1XbrjPTMABiB%2B44OkOtDwm7KQ23wR2IHKNbtyBC4YPZjlT1n8FC%2BOcOAxMdgE1GR%2F0a7OECJkTK8uJ2sW%2Bd9Zdxrt1pVA%2FZVIPTsN2PVekxz9pkYB0%2BQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26301d3956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4384,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (4383)","md5":"feea55c67b86227b96fac92790da896a","sha1":"1d76497c4a47bcd68cade47f07b90dfc4a31af93","sha256":"5ad5d6cbb54b9abd12c813e38b1885d8cee4e1fb39c4d768b6e94424281ccecf","sha512":"84ff6cf0d5307e322ee2187c4d0b3fb90d061d44b14d08c5a7dbd840e35921cac28c12c8ce7317cd30d6bb46b01382268ea12ba41350049915a3f6b7042f3208","ssdeep":"96:GeHcJa/LobULY+sKOqG/RdMZTuwZctcmXrc1IrRewlUmtRbOLDv:1HUa/LoAhOQ/ctXdhlZt5w","tlshash":"cc918888d039c86471698cdee1376f13a2703973ab7682d3f05b0db94364148d6aeeb7","first_seen":"2026-04-21T12:24:49.03677Z","last_seen":"2026-04-23T13:21:42.223936Z","times_seen":4,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hM1gMTZXXOOxsvKRc8VyFCl3srUNez9uhZ66YUQCKKNi79aMRT49UHoZ6Iy4rg5lUw3MSetR4SeVT2ZvB2LxUKP%2BZs1rKgqMnHqkyItIQQlDfCB48I1Qkaf2sjPJgfQGyjQ0Mbod3wNQkA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2632b87956b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"43dfa1c019084a2c14989e86bd6886dd","sha1":"7fb0def9ba86bc2b460cf769b94379b420263485","sha256":"1bdf4392fdd5d05c96b5535705fea6d6b46a42dc167783da8fe90f42cfa4f81d","sha512":"e2eae1c1a2bc05c7f77e3028cd407b45a718221fe2cc4daef14f4879ea0c34870bf1f21aaf87e7d8e0b77557564edc5b1d6b6b4a8e2eb6a0793bfec2004e2c34","ssdeep":"","tlshash":"b0900212743591f36562f181252c2d027674b0806154c01c4d4c1968a7045673042428","first_seen":"2026-03-02T16:47:34.128167Z","last_seen":"2026-04-23T13:40:26.019813Z","times_seen":8,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-cms.gallabet1075.com/api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=1\u0026country=NO","fqdn":"go-cms.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=1\u0026country=NO HTTP/1.1\r\nHost: go-cms.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/json\r\ncontent-length: 709\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=L..SQj6f59pBybwREPwnEdQ3mxyUTbpRiXSlVM6hqwU-1776950254.6412625-1.0.1.1-B.SNrHbhA5GmZI1Oblwh2ZJN4ujhfoFwq8IlXIxXSSu6VQLBWgxpn8TDAmQGhS3KM1jaE2Y83sw_pa5ZCYfcFRBnz7xU0rbfs56LuW1epLD9O5mDnsHSfKiwcz7.KgAQ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vhQBgPkBLgZwalERPI6hvUoRYQn9Ds0Ybi5xEoooYuyj%2FFtZmlErlTPpSCk1eVy7ISBzrckXde3ErILLWFIIkUaH3i6Lhj1txEUPbUuV7TrWaC0BkZC7fTcDp0f9T7%2FII75lcrcbYHou\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2633296656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2615,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"57bcadb4fc8dd230f6f3adc9cfa648b7","sha1":"321770a05730c5f865b429f3fcc694ffc9fa5ec5","sha256":"1772e571c74fcc1ca93188d5e69f84c965c726a181a7b3d561755c315ef595b4","sha512":"cb9b859208257963cc58c460d277aae9b69d53bb7bfccc6a50c8d87c4bcc9500776b35e7f5268869b4ade92c59c96b39bb491046cd4ea1fab24db640d2e02027","ssdeep":"","tlshash":"f1518b13702d9d6a5b507b40b8c7394ac8ee2447dc0a5670ec494f8d82fa63ac6d33e7","first_seen":"2026-02-24T14:18:16.975259Z","last_seen":"2026-04-23T13:40:26.06858Z","times_seen":42,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"go-cms.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"go-cms.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-DNoJruNH.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-DNoJruNH.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/DataspotTracking-BNSAxMZE.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254546; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HNOFLQfLI4qnl.ScGCfjcKrHRTUBLwWCEdtlrpiwimU-1776950254.677045-1.0.1.1-CQnOr0JXAHfNfQsmuLWTftxDVdGtIW_wi6inn8Rqgr3727hBrzIZvPO93sRaaaeB.Vj4b8ji511wxgVnr41PDSgyIgOmA92cKYh8swSGP94NDFeJIFsDX17Dx0NPUD_o; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QPqjxYw9R2kpSL9hh1x6GV1hdtMynRnExD3FHY2km0FtklO6hnfcPGm43BRzIV7%2BKBqgBUnW7RbxnmprcXNTm8bms4TrE4jo2KVQUlzfodL%2F7Q6lxlHnH%2FE%2BTfxzveJZfMVY%2BQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d263359bc56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"7dcd3c17ffec3af71ab56d113ac4c8ba","sha1":"8091491c5770791fa28e7aef0aeda85aec3a387a","sha256":"7acab49a2e3d824dc194d2eee3402945bddcbf42026240627ca8d9ddd108bc23","sha512":"c01ccf0217c328b24597c1092795b3bc4730b84cc7fb72d2779cf10fbf90b5510d4c0ee622ef7009a10b4dbf7b185450b9e45bf6af4399a77a07e64fda5658d2","ssdeep":"96:z1SftCFV7h7FHpokS73s91v2InwLRiTCHUgAaQKFu0FdWpA6u6PEDdxrOq+IHv2E:2+kiOHva0FdIuSEDdxP+Y2j8Eu","tlshash":"56c1b75631906530c6d344a6914f42aeef3e6638f00f50a0b23f9c6d3ba1515d6a3ebd","first_seen":"2026-04-21T12:24:49.074623Z","last_seen":"2026-04-23T13:21:42.22463Z","times_seen":4,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameDetails__platform-DeLpPgwV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameDetails__platform-DeLpPgwV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=gOlvP7VRG3ncaAzwoO7AHBNzRCNUoEchCzXaIDNLaOw-1776950254.8697524-1.0.1.1-7B4RRqgzJKM_glrnda7KeOg7JLYzV93jGMZaSA2zw0u9FtaTmBbBANC0.XsOiovtWejDnpBVhYAyy5fq5GFzRyjNXkaqV2LItehRf1bRn9DpOG0KINbAtsglx3mW2Gcj; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WTNSWPOpUXEBPGD49c9hr13X86p3p6HRQZJOHW1MlT1XNxjE6Dx9QMPhm4nsJKsesDXE0i7%2FhEj0NmFtkyCsepSuKvSD6O8RKGSVIHzUJn1xPPHzkRbUhA%2BUOhZnqBjtE3UsVw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634ab6356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":7412,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (7411)","md5":"b1d3729a864ba6f0f038acc8f30e65e0","sha1":"09afbfa1c6972ed430da5ae094230a69170dc4da","sha256":"2c16641def7b54bf96b79561afcd16676fc0c9e8e0869c89a0705a1c5a5cfab6","sha512":"e5941d5433ddc66b45c0a300c64209be0b85dc976b5ed662440aedc50c676edeaaf09f5f59e0147a31018a25fa3a611c6087012bfa203c7ce0d977e0d6eb84d7","ssdeep":"192:2rZFwk2T2D2E0iP1XjkHjjkHE2t2p2A2V2+2DPAPpPuPQPkPAjkRjkKjkJjkPkj/:2rZFwk2T2D24PRjCjt2t2p2A2V2+2DPO","tlshash":"69e1e19e912e6c46dd7f063cb5c12b26bb333fc136440695fdde539aa608687312a72c","first_seen":"2026-04-21T12:24:49.067917Z","last_seen":"2026-04-23T13:21:42.086246Z","times_seen":4,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipControlsNumpad-CAXDjwGA.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipControlsNumpad-CAXDjwGA.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/ExpressOfTheDay-43DWSrHP.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B%2BbFhpmIkUqUSncGXF0ZOVckcBRWM3XqD%2FRx04Oy8M0Zz2pPHziTq%2FP1koz%2BL4zjsQKm%2BfzvTrhMQ7do8Lyde0FNs4m%2FsLo4zG0MdS5vF6Yy0FKfdX9NPCrSZfMjrcs9d4jik0U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634ebaa56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/js/twk-chunk-4fe9d5dd.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Apr 2026 03:54:36 GMT\r\netag: W/\"8249fafc9a9fbe0f75d4bef0aae2305a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206537\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265cdd06b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1000,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1000), with no line terminators","md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-04-23T18:02:33.557835Z","times_seen":36701,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/walletConnect-CiycSUBb.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=KkMXauT0iD1FpKH3y1H9yxY1J.InTNC8hgt6X_fyjvo-1776950252.6640732-1.0.1.1-raBMq_0__Q1hT6RBIunga21j4Pngu8V58dhVY6Qihjxpo85FnpDUPoW8Os0LwDQ14ASIEYzkyuSSllNBuc_n.sq_F6EphLmpvJwHnztlod.7GgyWrY1n1Q7myf3eiHlq; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WBseKz16ZtBNFpZ1jQOOS%2BqiJiMu3GT%2BWc3Xp2GKJbWZerGwvs1OvbRu7g0Gr4%2BoBlfPuUUDGT5R4qmLCXDH%2FT2tIz3O9LkjHy%2FOTahFnPv%2FKrwxgtYBzfMqxDFowex9rIB7sw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2626e9c856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-04-23T13:40:26.073528Z","times_seen":1607,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/withPanelButton-CZMGiM-x.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/withPanelButton-CZMGiM-x.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=gw7Q8r_eqM77IrquACL52OIO39FLIBZQ7cwnW0OlagM-1776950253.7560315-1.0.1.1-5aYFQDjmpfPLw9tQls8Ij0vbN75WmsXMIW.3kqiBWaTlaFfVC1Y3iSl77_x.nqiTyvvBWzKzRMVhQnJASsgGKqKK.BuS0CQoZ9cKG.7WRC9taOAi4kFwSM_Xl.y3b3KE; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3s3pMkIn945EWEpmzW0n%2BmCpLXlP422cYh78oEQk1190M4Wnli8GG6ZayFNF5iImnFVBr%2BC3vs8P6cOX5WDQG4ioK3OeZhotEAZKdAtkpFgW%2BxAXIjSEY1iD3AuzqiEcPkVmTQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d99d356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"f4d15b1bfd3e75dde9577068cfe0fd2d","sha1":"77654457476f7caf254ef7bb2b5f00f7ceb41661","sha256":"ce48c81643016988a5bd0dd25411546e92cb88e93a881fbb28be7e848fdd93f0","sha512":"e412e91e3edc4c462aebcb09787ab705a6681ee081ed314be4347d7952e6e2e26237e5a46b93a69a00da19a53ec04c4684986be9a6db16e56d8d61d66eae2a78","ssdeep":"","tlshash":"d21112f4f580a9b2f4c41088577b2cb6319f32cadce1049021b6c8e91ff9448965e9af","first_seen":"2026-04-21T12:24:48.867057Z","last_seen":"2026-04-23T13:21:42.140256Z","times_seen":4,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/HorizontalNavigationListItem-CWrC71fV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-CWrC71fV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q9lfYxaUz3m5ZMCJnWp1gw0RmwPwbpJ1QNMcGLgdy2PiUTxfYYXxBGXBPP5zVM2VfVdXHdj%2FrIMCbw9vT0IEm3oYrBH6CTb6swe1jX%2FSQKI1keQW%2BDud5fi39VeTEzSr1a4Oxj8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634dba156b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/css/max-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/css/max-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 21 Apr 2026 03:54:35 GMT\r\netag: W/\"7c8224daff490314bbee102edaf64029\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206536\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265dbd17b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":100307,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7c8224daff490314bbee102edaf64029","sha1":"13aabbb4f10305443e0fbb19c55fd27c149828a6","sha256":"a3652c70ae4477871298cf7fec970ce38a1a5f26a814c06b72cbbafa9c6f3298","sha512":"4a1ac844d0cfc147baefde211336f72422efaaa9c92b4e3a150e434aa3bcd0ca3ab49c34aefca46bed94139738c01ec1af989beb50b48dc747faef0cb8a779b0","ssdeep":"1536:f/Uifm7kUdwddCri1iLc0Lg261F2BBCrikauV3cGiH27PNWE98MGfU0nPROpmi0U:xauVLmi0V0d+tKaK","tlshash":"dda399b2e56710cc7363c22692c1faac1029e370c757caa6f827767d4bc25963562f9c","first_seen":"2026-01-16T00:46:03.978063Z","last_seen":"2026-04-23T17:55:50.503093Z","times_seen":22619,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-Bold.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-Bold.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 74184\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-121c8\"\r\nexpires: Thu, 23 Apr 2026 13:47:02 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1831\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=caYjI3xMvWqcYGOVA4k72BGyffJsqlXvEdWa6rFG_XI-1776950253.6731899-1.0.1.1-HpJOTGUlqLxLbEFpS2cDZQO.jVcErRjJFaRN0oErxvhEEJFW0YxXDG7MeXIR3Lg9pYwlk8.s1r6QKI7sORHYOmzT4qEA.tvhkfY8ZMZpAab74DIgutWZH5v8dk3AwnbK; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p35TyzNTZrpYU%2BvhzbZ6VX0fEYHtIA%2Bi3cBd2iHRGJidW0l3ayAwejtS5PB%2ByguQteuHyC4deGK6vAPFo%2BxtJ0PtUlcQRKpHB6csmfDKGhyDQ919b6Zy%2BpCvRcQTka%2B8cQjhqw%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d293d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74184,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 74184, version 1.0","md5":"b270a087c3e5691e8dcd9c65c47146d8","sha1":"eca2667e8e4bde8fcfb4f7bf60bbb173b253f012","sha256":"a263682614bc107fe67de6eed6bd2e02a7225cba494c307732bb237bd5fe2e5e","sha512":"7377ab397d9ad4f74c194429c95372d83899fdb831cc2d63b80d84898be9b14e6b43889470ac2b5ef017989e5ab1d3d24b74dd461c9781c83e14dc9ad37b7b67","ssdeep":"1536:0VL7PKKoeF5SBEVL8FqoDceu/+6ab00LtFbsCbE7pr:IL7PZnqvasb0EtFbc71","tlshash":"3a73017c44e03055ecfded5b329f20a3ca3863e258d59e88fe79099d1cb6bb8118b449","first_seen":"2026-04-05T07:31:10.868394Z","last_seen":"2026-04-23T13:40:25.938517Z","times_seen":21,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Firebase-CifH36fp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Firebase-CifH36fp.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=IM3Md3O6iYTaYLtlOfSN1sLrfbEcJsxaw41jkvv12gU-1776950253.8991416-1.0.1.1-01f1294HpymWdh7HRqUxzXOBTe5Z__tcvfVGx6.ct9y3RkyFys3Q1ei45Ctju1BNunRZphunjzTuzrSakRCSTZfJSKfxCS2TAEzpE3AzQw4GotZjCkkfOxiDLlqHtceL; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bZahezRsWh4F5LGZ0fIJDquoHqrkEM0IjnAJiBTP7c046vGvnwkKD%2B0j%2BWfurzgJ2dZdcPLnvAjYjxX%2BKgGxOcR4%2BYfL7jQI4XJp02x3e1ZlOwgWw9VHfgQ%2FC2jZUARUNRL%2F7Q%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d89b756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"d23df4ffc78896569b07187cf4a48d32","sha1":"e273ad423a635ff19510aaa37ac6463bb6c1a27e","sha256":"e25409253f5c5bc35aec45ef960561be1d9c89c60bfde100b52a181bc11c0e18","sha512":"f636a22cab13b3cbc6ef726f2561a4e2f15526b44fb3f07a97e1109ef0013af95d9ab3167b6328523599f7f106c36634ffd2548d1c454c4892dab846dc5c093b","ssdeep":"1536:H4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Hs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"cc83957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-04-21T12:24:48.879237Z","last_seen":"2026-04-23T13:21:42.200059Z","times_seen":4,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/FastTrackTracking-C80GL_Ah.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/FastTrackTracking-C80GL_Ah.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=KOn0rwhkm_nCuDtFp.3h50COMnyaEIC5bHuiVeF9Xtw-1776950253.9283426-1.0.1.1-LD9dImKbVU6H.Zdn1VzUI5xCYD047n8wnEeRE1Zz5J.xhpssLQbyukQ_s1i42oU34AEhASOw9qDslbnnZwUBiNfN8eNvT47cICihSfgnZ1xuhL2vnanAVF2eN.kHwWFs; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Xg9SzmQT0eJF1P1RIx78ULo7JHVJcII11K50FqLDOhRobFmelUGRumDCDomfa91Qfc7tbiQjnO%2FPE%2FkvpHZKePlHeX3cKjtCJFXmk7bOpz8xYVmOBD92%2BpfGlVJVMlWqnPwGw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dca3056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1384)","md5":"44402e6c809f993a91be813f29131dc4","sha1":"0671bbefcca323b5a50859522d160175bbe76ba3","sha256":"1d295d131e759ef01fed7c13a6c9c25b30a03064b0b29952ff8f0bd1c6c5257f","sha512":"c9dee0cdde4cc36a00231a4e2e5f5719d5263ee852a5b7c14884a31fa15d1e0e2d297395c45f6cc45ed61cc3edd1c1b039f26721354694350db91356b2e84945","ssdeep":"","tlshash":"5421410f40f482f93c800e4ea2e7e2a0967e5539702dd4a3b17a0bb82b1c245d3dac93","first_seen":"2026-04-21T12:24:49.030129Z","last_seen":"2026-04-23T13:21:42.195985Z","times_seen":4,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/useJackpot-BgMStqQ-.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/useJackpot-BgMStqQ-.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=lyyLBuAiPzsYIbXPVHL8xEmmq5zfZQkLmrDxDzxyuVA-1776950254.0635703-1.0.1.1-cbu0ozfcK0_KokkS_9X7IoCtjHzxAD_f7emql1jX_otiK18bcCVh98fQRXJoz7IUrXbTphDSyshOlfrHPJYqxXRzr9G92zgUswN2YjnbuEoqzw93f9RxI.H2S93MoLoW; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0u6e36Nd5DSHO5yQIXhXfTQxe%2BARKZM%2F5UD7r6%2Bh%2FpAf2DpvEOa6btK%2F%2FEA8vdTGx4zMhazM5SvRbsQWb4yoiw8F4%2FEw5%2FfMFDCbU%2Fv%2B%2BTJYUyo6uwXnoFJNMVzNXqNbb70IWA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262f8c7256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1419,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1418)","md5":"ade688ccd4986b3e2cc18ba021e37d84","sha1":"5192350aeb75b62f96abc581fc97adb6430a2364","sha256":"d4633c61f7b8cd422e3dc99882d4a7c1f0edc9cfc4d4473fdc6f05bddd332266","sha512":"e07826b02aa78a47d2b184a6cf64329c7a1609c7078498adfb6aaaa0239dc4a57b5e1ce51d84f23898e4683daab0ce00486b7f907cfcf3706f256ababfedf589","ssdeep":"","tlshash":"7821f045c059e5f8f58d8cb10067d72a1b3c3f297440a090a0be5ebd57a8d41b6a0f93","first_seen":"2026-04-21T12:24:48.876051Z","last_seen":"2026-04-23T13:21:42.203949Z","times_seen":4,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DisabledMarketEvent-D3Rzd1b4.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-D3Rzd1b4.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=otsLnfjip2bb2By733WkIYks_i5a2kwiWgkIPikT8do-1776950254.2665825-1.0.1.1-ATDMd.iGNDQJ0_zfOwBkl7q8QsIEsipwd03rUf_W7MwfxapEfU2w7q5a_N3fUKW5eyOMTMsMQOgmN3cbqdSFGmM29OwEkx2yRRpLHcPJWdLyggntvJm6HfEdUUa_e1ES; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9oWME%2F98yJqjngoJ4%2B1eTN5Mao51Atr%2B%2FqySgUDmOmZM8gICSXAJ7qCbFLDYzR5JrBpGOXr0vuY4yDl3%2Bcb4DF%2B3rsWss06eRoWQv49n6DLD2dNy0v9LG3NqTS%2BHlmu3gxASyg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fece956b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":2717,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2716)","md5":"a0853a252113b89e2f91430c92601259","sha1":"d1e90d51f3b0454077b0fdda9bd92f81338a3174","sha256":"f9942c9c1250a67cc2cc703ff9bf0c330e117e3fbdb15c2abc5d94cbd5bf6905","sha512":"1339cda711baf829a033f7bc84391f3b1b0a3c250bdf34f4ca1c13886db7d9ab1cc282c0a329fd60542271aab51ee98d9267c6110bb87a7d56b86796d19fec77","ssdeep":"","tlshash":"7d51846df280ea7d593500dcd37b1f5a601a17a2c65a0952d07e8c38095d09d366ffda","first_seen":"2026-04-21T12:24:48.909521Z","last_seen":"2026-04-23T13:21:42.158864Z","times_seen":4,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameSuggestedEventsWidget-C2pyJjPN.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-C2pyJjPN.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/DataspotTracking-BNSAxMZE.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254546; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=qdNyMFZkM2Yc4MwTXtaBYzg_hzf52eMgDq27Q1tMs3s-1776950254.671609-1.0.1.1-iAJDbV0JfaPKEViBse8bldrqifs7vpYLeJbIINW85MkM_9TEnN66eHBmo.EBsnyyWdVj315s85B2oXPzk2vvU.g1TXTg4mlUPUmc4I2ke3rdudqfweSm7nES2EWNbL7Q; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fk75rV%2BtFoyBl5IvceJSBykLAp2uRKSQXUcElXLDM7swV3evvIES7SiXnKpsDdZuvXeewhbVEuzNrIZ88g%2FBX%2FU%2FWrJjZNG%2FdE6oCIBMryrJnwyYTgbnoJTMDc7RqSyHTu9dBg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d263359b456b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":3709,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3708)","md5":"751a6d9bdce905b3da67bde527735018","sha1":"6eab5e951f1ad5abf219a195b0064c1ed86a0fd3","sha256":"b8c08c5a6a2762fc27e6450bd245d830bf789c22e00d40948de00d520000195a","sha512":"9bf68d9935943ac61e80e726518f708f6cd5fb3da4b1486be866d273c6148578c2ce7957eac09fef9f069b8ba5005e8ab9fc55ee3180854c183261f23860cb21","ssdeep":"","tlshash":"2971c646e010aa39917741d82bdf3119153632b4b94353c1b63fca3123e2592ab9bbdf","first_seen":"2026-04-21T12:24:48.990149Z","last_seen":"2026-04-23T13:21:42.13639Z","times_seen":4,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/SmartMarketEvent-DZJsJGjf.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/SmartMarketEvent-DZJsJGjf.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/FeaturedGames-DWwns83P.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UCG6wfgRnUXmm1vMsog01shn9mnZGO7brU6L7FXzMHKuFtfTL%2Fm68yhHZ2%2FQyXElNNTk9WLlB2yNncVdLQq5YZsUc8J%2Bd1kbFIPHpagOF5T12h%2BvGC8VX%2BFwDfuQD1Y7j3BkHbg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634db9f56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2176\r\ncf-ray: 9f0d2635df0e56aa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfepCHWB1qkSi-cNd1o8wsvD9BfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=16+2 c=0+1 v=2025.8.5 l=2176 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2176,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7b91b6e5024dfdf6e8a4d61f0f74dd13","sha1":"1614f764ed7b516c7768fae0966abab152ac7d1b","sha256":"00e34844a07301274fc65fdbb65891aa95436b94c4c860d9edfcb96331c5487f","sha512":"c3948fdb40f0f4154fce632acb88cf9cf57ce39d2858e4934d8820c4d5729da238c569448b5bcb6d1780e37f005cb9f5ed60093005cfa451a92270c4c0034566","ssdeep":"","tlshash":"48413ab2c3378c72ce2cb5e3e9b2d5168b449a5a91859afc22413d33a4b145cc4b89e4","first_seen":"2025-01-28T05:59:32.007883Z","last_seen":"2026-04-23T15:12:40.144517Z","times_seen":2765,"resource_available":false,"data":null}},"time_used":670,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":670,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.blocked-domain.invalid/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.blocked-domain.invalid","domain":"static.blocked-domain.invalid","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:29.951Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 HTTP/1.1\r\nHost: static.blocked-domain.invalid\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DataspotTracking-BNSAxMZE.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/DataspotTracking-BNSAxMZE.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=pbIfAkzQId_IBXwXeKsJLFO1apn0oOE8po2lQND4uos-1776950253.7784054-1.0.1.1-2d8573s4lJ8ob7YuivoFWJCH4EUHh4P_ROaxMv5tfvkCsatuSwwWG81vFLOKDT56oEhd2UccTo5Je8f.8eNFgZwUAnfkuFPp4qB9hXXKsdFA5Kd.Zie788A8r9lxNkQb; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jO2LPXvUVsKa6IfiOeAanq0c6n%2BBCfVuSwzZpjSuuw%2FkM4Zqra5TxcKOXzp47SAR%2F9g7bwFmD0i9pdFTPVLFI0EnHg8I3p3rBkR0vbscEQE4C8wB46%2F43NU7xIKufjN2Sj6XoA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dba1b56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":8580,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8579)","md5":"a43d6d9db291e70d4e23f436096e894e","sha1":"64f14bdaec33bbf43977c9906be595d3ca46d1ba","sha256":"e24a59385db663e56f90b790d445a3cdc8a6f349d11f651b3d92e5362525fac4","sha512":"3df63a09575fc7247f89411684c94afdcd9e76770ff3074340f2c50816f89733d102a5038c5ed539f30076f271c9714471093afe3fd3d2e1015b10d913b8dee6","ssdeep":"192:rECb+cB+hnlqWkO+bNKb0s3LnBaCHJNvuvXvqvxgFzL3IuXge3AmYO2hU:rEq+cBsqViaCHJ5Q/0W1LnXge3gO2hU","tlshash":"4d02e155641e78bd6037d6ad0d4711a208387042e1339de076aacf5a9e399c28ff77cb","first_seen":"2026-04-21T12:24:48.85803Z","last_seen":"2026-04-23T13:21:42.099406Z","times_seen":4,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/InformativeWidget-U7XsexQ0.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/InformativeWidget-U7XsexQ0.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=abpjyoYc39hgDlzrZU8OPhxMKHnrk6lDxwcjVTiYGaE-1776950253.8973277-1.0.1.1-TYq0mKQxrL5D8i2tdhPDoa2sp0RE0Qv.bQW8r_HmxmcP.48kxtmnkTize9s1gaqAkmYZrjqyKI8WMCpwDQCSGACKf6hkX8nOPq8t2vhyj5f9nrOM2a7LMLbPMdg80McW; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=frN2YbpmJ3UY95bbrW%2BiLM4P9QXsiyjueLv28jiVOfr49pAN4jdjuUyikwqEePZDDvjs13R5zG%2FUO3jJqomgSuwNTR%2Bcm4Axi7GImNBgriUhqKxTvzgZ9H1NXOnylwbk3iJaxw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262e6b0056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"b33695d67c48abe85873f5bf86c00af5","sha1":"0edd914a4fb8b3b268ceac53a25775329aadaaaf","sha256":"e68f8bff445a41225207efbe87a76048f840efdc5a396eb5e20c59c1a8b7a8e4","sha512":"3f3f59e5635099172d72bbc52ec00dd07d215779f272fc3afdd5f18f6cd6b5d8130e8c445232c3665177ea4800b81e47ba8fc0a1671a8887ba2990e65ca574c9","ssdeep":"","tlshash":"6911b946f590d67eb0350dc44657c0d46a212de4cf38d8e898b53008a43410bb6dbfac","first_seen":"2026-04-21T12:24:48.922225Z","last_seen":"2026-04-23T13:21:42.143661Z","times_seen":4,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/useNotificationsProvider-CDjHBCPZ.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/useNotificationsProvider-CDjHBCPZ.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=9TUERYTFdQS4ii.HwSc8YqqdSO3ut.rj8NPoyR3UnmA-1776950254.2385767-1.0.1.1-KfTe_Tcs9Hs_A1Q5DqAUBjufiXWkXbtxP.JI7tGn6T_PiZyj9zqIdWOGzEA..UsMqjQz7dlmeJQytUuqe5J3ujohxUlrl6MBOdMlkS38dTpCDc5llyZnWH0ddd2suz5c; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MjEmDePi0CyUjqFETThILP8GkJ46QEEjPHjtFi5%2FBlUyVn1NMZkPtVWq009xodDRL47GPQbgef%2BubKHITpTl3z2EiTZ7%2BFApWlC9AFU1q20F60Puau7bwd1AY5NlDflmGeUlnQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fdcda56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":92,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"a0704011931a5a01bec0bacba061e934","sha1":"347f1557de03029cb7df1dde97a3026956a3d89f","sha256":"b333c15ca234db1c66b1abe91865568ca9bc09da01cfbab8a9d40844156abd7b","sha512":"5489c10972ebeeb5f7c5d669c7f0611717f8b481d5568f1d16a8e5ecea9c79033d38bff972bb98aafeed060467c6c3d146de309071a667442a86f837962e9961","ssdeep":"","tlshash":"87b01217044143f021020cec011048690732083d37419fa00034010c12e4089830ed16","first_seen":"2026-04-21T12:24:49.044228Z","last_seen":"2026-04-23T13:21:42.186775Z","times_seen":4,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.gallabet1075.com/storage/medias/galabet10/content_751_76b99092bc08940901dca416fe299c14.webp","fqdn":"icons.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_76b99092bc08940901dca416fe299c14.webp HTTP/1.1\r\nHost: icons.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49696\r\nserver: cloudflare\r\nlast-modified: Sat, 11 Apr 2026 08:42:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"69da0979-c220\"\r\nexpires: Wed, 29 Apr 2026 19:11:07 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 65187\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=_JzKITpp66rgkofYQRCnK.BmolwaR87iH0ZY2gEUlmw-1776950255.0271442-1.0.1.1-7aSKLFpBcsQWYcSxD9P4RgXnAnC6c7nPVz1vLL0wLbLbbomyAMREyiPKQk5HsR8gdhvoE27ltpMdlUuySLNMN3hxl05BdpnzwEsAfmfswlSYRJ4yIVCz6fj1lIvgSG0q; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cOAB9oP%2BQFaEwtXsW6TUL%2B78zYDeRjyxL1bTmxDYcsasfQmJHACVFn%2FL6d9syh%2BXWuZur4ovg%2FDE71H%2BjggggKdehKQeWsxgDa5cBmbNCKeBH%2ByyBLkhrbeZ8BJxDQ%2FIxFcjsWHsS8s%3D\"}]}\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2634ab6156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":49696,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x220, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b45e2e0571ca089932495878bb35f96e","sha1":"14a4ce744110b76de2b0636776575daaeb73dec3","sha256":"2d1c796cd1d61a6cf40c6f3f1dda19e771029a09816c860bd30b4d2ebe49259c","sha512":"b9a544f15cd22e56a929658982c0959a08a79c3eb469f2642f53578df2d5091fb10ebde9ed59b24221518c527643606cb7b24d3ce8b342999f9b127c66a7d386","ssdeep":"1536:rMzyrLqWJvJ5Cxvn9M56EklcmxYTYI5rZtSUo4VoNt:KkrJR5CJ9Mwd7+YgtqyoNt","tlshash":"a123016ac39307260befa5b642a796c94fd539b44606f32bb43bb017d778060f46a8d1","first_seen":"2026-04-21T12:24:48.884944Z","last_seen":"2026-04-23T13:21:42.226503Z","times_seen":4,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"icons.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"icons.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 19:35:08 GMT","end":"Sat, 04 Jul 2026 20:34:55 GMT"},"fingerprint":{"sha1":"29:D9:EC:AF:28:AB:86:B5:F5:38:A9:38:B4:CF:23:E6:E6:9C:63:04","sha256":"83:7C:8B:D4:F5:FB:85:02:A1:F8:37:D9:53:80:6B:8E:C0:ED:FA:F2:DE:40:56:27:B6:C1:31:C4:A7:8C:01:8D"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1404\r\ncf-ray: 9f0d2635df0a56aa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfvWH7-l2WGZEJvxD_-cbyo5fufmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=722+3 c=0+3 v=2024.10.6 l=1404 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1404,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"434c7550a1a937d1e7e8bb8416691d9b","sha1":"d837654b42d1474560a5698cfac3514209cde2c2","sha256":"5f0f065528ec2543e34a03df1cd588b4c4ce7764d1ff62e67cec0677f638c549","sha512":"eefe6cf29ea82af55070456f2bf2cf1ab3c3328938ea092695f0a25370e6cef7ed1da43633a4548b22b46d7d7a87253ef01b2c01847ea84725cd4acc7be813fb","ssdeep":"","tlshash":"9f21e6a32c3914ddefa65f1485a00d8dff03c1a5983ee3d896e83548e5788da6ca00c2","first_seen":"2024-12-05T15:42:26.602777Z","last_seen":"2026-04-23T13:40:25.954885Z","times_seen":2477,"resource_available":false,"data":null}},"time_used":466,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":463,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69e6f4c07ce/css/min-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69e6f4c07ce/css/min-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 23 Apr 2026 13:17:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 21 Apr 2026 03:54:35 GMT\r\netag: W/\"af9830eef563b4df395870a483ce549c\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 206536\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9f0d265d4d13b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36092,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36049)","md5":"af9830eef563b4df395870a483ce549c","sha1":"2c678a245c7b8984569447c9bbfe182583ef7e56","sha256":"5d919993a3fe6ec4c27ec6696b643900c02b95584a4a21a518eb8809edf12531","sha512":"16416617f0c79b40d196c1a7df699f1e01a130e3df75a4f437b4adfc04fa666ac7987d080bbfe759b849bd81860e6bab5b2af02356a8814f0dd1fa9a64b726d4","ssdeep":"384:uTTacuVZNgxYe4fbgL3w23U3xi7vxEbXR+ziLwH0Lg26/tFTiBB6TX3DYC8:yeyna+ziLwH0Lg261F2BBCX3DZ8","tlshash":"47f2bef1f4b700c8b363c122c3d5f67c6459b770ca86ce92f427666c49e16a63581abc","first_seen":"2025-05-21T12:18:34.219676Z","last_seen":"2026-04-23T18:02:33.470818Z","times_seen":36525,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/AppSettingsButton-VpAExZZO.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/AppSettingsButton-VpAExZZO.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=g4bc1OMsDesNPEdlKK9SgELSApwQk9ez2p.RbweWqNY-1776950254.0035863-1.0.1.1-P.9GaWDT0alQnNSe9v4Fm1HrXkVmvts89rDLL.OnuBTh1rTDSDa8orsZb2_JRa26T.b0m.1gdEBseEZhdWdLTG73hhTc4FxNSfDOOXnaGO5KQ_kUjMqRnjR4M2S0.5yg; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DUVYNzjBCT%2F060cA90FXEUUN8dT8G3Bme7LrWDVm151YuN31N636vyLbRc6lp1oX4S8RYSjZzAcA1EOGEoLjn2662inI6YATQT%2BeVm4gZRXBYDSvNxcwXQ7o6hArCx9p5XeQXQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dfa6656b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"2b10a9d03e1e17e641edf61e60ea544d","sha1":"21b9c8821975babf963be8d0f702debaeb5e5209","sha256":"aac5cdff48e2bb77a4163e864d943dca18c8a1d3c9415d6f94e1f97baa73f860","sha512":"9ec0a37867716d6efe94a08e7b9034157730ffda234ddfa64318b8ed73e741baca6c71aa48b0cbe524150f58cead6d70b9a60ae3b10e7fc3f88b29f4f2a78418","ssdeep":"","tlshash":"c3e0c08b9192d3fe13e22ee2c51fc6057e566c38c7459a4140bc50a137b4196818ff6f","first_seen":"2026-04-21T12:24:48.935309Z","last_seen":"2026-04-23T13:21:42.10783Z","times_seen":4,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/MarketSlider.DEf_J3O6.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/MarketSlider.DEf_J3O6.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/tr/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=B6Ywdie5gpZvPt5rNj5XJBlt7trBpJ._aPObVAZxUVo-1776950254.1423552-1.0.1.1-_7Zp_4OXZCo_1p7kqSAYKHXruulyxr0L19ZP7oWmBuRdWIkaSzfTFyaLcNL3UzgT9V4WiK5M5bLQqsnZw03lU4B5Y4XVGmbZhchf0BB0pDyl2yAkamb1ovkkgWh_A1Ox; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gbkCQtgnYKfRcEuziX%2FxfqBdSektstHOTbpeLjVkNWg5sdMG%2B%2BfZGxy1nyVNZnJ6gBA1jTgs1mZykl0xWObAA2llkZ%2B0Me8Hn8j4vbHF%2Bw2WYDiafAGiQdbzNLRTnprC5LhUAg%3D%3D\"}]}\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d262f3c1c56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1833,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1832)","md5":"ef343f8c175866bb7bb368a1bf123a73","sha1":"e1c0533eb620915a2c4c40e107f70d5baf9d6389","sha256":"6d099492d0c2c9b56be2306ce327a593012ee443628458abe71202072d71b172","sha512":"82cd49f1b4f6e25c1af4748350e06b08d99555d4eaf4860a5c6d28add968d1a39aa76b2cd82767771330c04613fcbe90e97d8825b536c10b4761487b5ede253a","ssdeep":"","tlshash":"303148926406203cf976e25df6baef9df08a1233bcf5d777d9151239c4852a42031da9","first_seen":"2026-02-22T15:27:55.529294Z","last_seen":"2026-04-23T13:21:42.213361Z","times_seen":50,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/Tooltip-BxyEk8_4.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/Tooltip-BxyEk8_4.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/LiveGamesWidget-iPe0Z4pg.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Lo7QgakYq5b3TKRw2PIK2KAuoHhmFYiGfIbr9iddaWA-1776950254.8957384-1.0.1.1-eD0nwYj7Oogg.eoBFB1k3rcHQrOxiVmpWF.uZKh5_Oq5rGnmMgqTEWE9F1Bm6WCNMDp7OP1AI7_Lz4IffyK2QmXIMsTu2LejTUziEw4HlGXdOE8VVDj41fLQqO4K46tl; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EKCpkwaDK0HIMlSSYe0m3eaeENFHxNX2LxwiI8vXCUuSoKVXCicMoQLxpY8QlV0NzaSMw7kcrV5vVAaWqCOR5A8KHVzIQMT3DtcaH3YAJ6SPkvjBHybTKnWpRF2kR%2FXF5YJr%2Fw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2634bb7256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":819,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (818)","md5":"1bc8d21796179e001b4a17878a32af96","sha1":"09ad98308811505e38b2708695aa4637a517b411","sha256":"abce98c3d30f7ae4c36377777ebc8f059710382987c75131d66ee1b1f6e69428","sha512":"a8edddb8ed281a34f1b29f3d4f75e6252f85f350f26c5888d420b7e86b3a9dd54b6ac77afd8884e9b6334bd49bb7758fe0af8131e4d3c90b5ffc8e6f6b37f487","ssdeep":"","tlshash":"a001ce46e022fbf8e276549a142d866d72632a6c7e2f59f16038018e0aa4984d317b8a","first_seen":"2026-04-21T12:24:48.930431Z","last_seen":"2026-04-23T13:21:42.211627Z","times_seen":4,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=493597","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.4.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:35.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /wc/rewards-main.umd.cjs?v=493597 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:35 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 22 Apr 2026 07:42:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: D1z9uGIhnPyjYbkv34vKrTso0HtbjdZm\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WYbwuzuuBFC%2FdPxY7kfQhJxslw0H%2B%2Fv9E2o59shXNEahYOAx7J6dQIl2xTyXzI56d3WYCbE9RogBAQeDwS9WcGz2cfWZG%2FR7qMBodmHU7Ww6SHnHVYa2Oe3NQAx1eGyCAD%2Fzo1fAr8u5RaMGZc%2BXvZE%3D\"}]}\r\nserver: cloudflare\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 953ec33235d719831a6e6956b5e5bb7a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: k6o1fvprk8mc5KODbl8xwrIZ68Q43rgvnhAi_nC9podIBRV8wVkwjg==\r\nage: 982\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"56a9a1fc282017f5069d416bbd3dc663\"\r\ncontent-encoding: br\r\ncf-ray: 9f0d2636dc4cb500-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":971549,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35653)","md5":"56a9a1fc282017f5069d416bbd3dc663","sha1":"71381a7b19fe123d86de52f9a777f47b540e04d7","sha256":"b3f8b98864b79b4818ffc553d0426ad57d766b69263e262a479fee636be261c2","sha512":"86bf512b5f0b2e7eb210d3067a515836298d494c379ad2c01a535102c0b6000e4c201aa4e86350c1309ce2a4505b8c8457f94294c406e649097a612ac5f297f0","ssdeep":"24576:HlX3M5UTRlXGmUVHnehOsBhCh1TTGrAJ+o/Ce9xGHelXOLmUl/V:HlHM5UTRl2mUVHnehOsBkh1TTMAJ+o/k","tlshash":"c7256d9072567434c37795a260be050c733d5b036806c6a8f2bc99a92fd7c9a627bf7c","first_seen":"2026-04-23T13:18:15.406147Z","last_seen":"2026-04-23T13:40:26.049922Z","times_seen":3,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":32,"dns":25,"connect":4,"send":0,"wait":95,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.blocked-domain.invalid/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.blocked-domain.invalid","domain":"static.blocked-domain.invalid","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:30.589Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 HTTP/1.1\r\nHost: static.blocked-domain.invalid\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.gallabet1075.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:32.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-CCjIxWCC.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:22 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=phvjNY5hYJVjEjyFWTBKbk3fo_xUc4VmcoWp04AkTH0-1776950252.7958987-1.0.1.1-rMlF_5NQzN9ryJBY.lb.ug4paXxhUZd0LOCMxK9llIeyt3W1fEtskum71e35OVpdo7ZMIcYW_yHsn2dlUJjudNrjZ7zeXiYYOGf5imSzks__IiirQGwYqXkHpx5UCjFF; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:32 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZcEiET%2FnhdAJPdfOx%2FJVyJhX%2BviDjJnRzDVJEz3l72dZ%2Foqxn4Sd0%2B%2FoHa%2F90WDR23J1rg55ryCT5lWmWvDr14ywPWG07S2%2Fs5az7cv0txgSaQXn%2B89v0ufGBz7MukodvFTThg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d2626e9c556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"2c191b46b99e357a939a4a4b8c773c12","sha1":"3401415118bc2649e837edea0005ce70f99322bb","sha256":"b1497fa9daa91f85ecf7c57cf8615ded12e1e9667f07ab065133e14c39ded42f","sha512":"ae2b121ade5f07d63432308f0f51921ac0f6193b09dea272a3e61c220fa810ff129ba67ea1215e89b0e0ee9ba71b8f32f5662d705659a7879a90e94ae9fd0bb2","ssdeep":"","tlshash":"f9c080451654dcf462571d838619d801d54c4d6d73f4f9d0bb0c8d51021559b627df57","first_seen":"2026-04-21T12:24:48.947675Z","last_seen":"2026-04-23T13:21:42.199489Z","times_seen":4,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-RegularItalic.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-RegularItalic.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 78564\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-132e4\"\r\nexpires: Thu, 23 Apr 2026 13:47:02 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1831\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=cwBVB9Mr4QnCCWKhDijH3Nj0YX2Ua7Spo3ZkJ8kF9Q8-1776950253.8696823-1.0.1.1-GRZLpS8BvtoMwSu1CJb7WlbZ7o60KQaaB2Ld0mH7RQOSbIOFi0W4M14w_kxiV8mcahK3vPGviACpqLGL3hOWum04W43T4E0V03TnYIHQzCTCqNJ5vpqwWmAwSB1_VbYy; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j1%2BF6IMNdK3TwturfXEoZ0v8nEkPdDXx3CAk9ZGCjpdN743tTmn5dhqUBOh%2Fcfy86PnsPqoH299eBYyvTexgX0uF2St905%2BjSwK7G4ykLYFX4Bv7nnA%2Bs%2B7tqFNmTcpPeHkaZQ%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d293f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":78564,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78564, version 1.0","md5":"ffa03f9099e16b1ed1a0158f01961b69","sha1":"f1b97110bb1dba1c8985b4c48fcc8f5c9cdb3e98","sha256":"84d373e980d8f7d376e80725c42737d1f76f34bdaff56575c866ffe61916263e","sha512":"e57c2b94d74e334cce5a9f880442efd3a3b90eb91b09b2384d3c2c109e087f51184a4a34d248ac980eee963d5dd4bf23f09d3032fa85310d925cbc2849d5199d","ssdeep":"1536:TzGsd78QYdAOQGSmGmOMz0En342rWzm4XAFVZ2lX8z31t6:TaQsAOjGmOw0EIq4iARqt6","tlshash":"f6731260bc8f5f5878b48e2c73ba52a89ff54c0824167356697ec6238f99344b24e74b","first_seen":"2026-04-10T06:10:39.548975Z","last_seen":"2026-04-23T13:40:26.04146Z","times_seen":20,"resource_available":false,"data":null}},"time_used":478,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":404,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/localConf.json?v=1776950100000","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /localConf.json?v=1776950100000 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:31 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=VmvXPuItxrknPB3A43SbQkVmXYcIUZMpcKzTstsChAg-1776950251.5653372-1.0.1.1-dSvw4GcvU4qHP1joemVOcVupKVxV6vOIwrG0aQdkQpbLxCD.UL_hC2v2pcvobpgVOI67aQP9Wu9_CrADdnGUIwCR7SdjPPiMvLCg32T9eKiTfhWR5Mu5n0Ir54VlfaE0; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FHKWjc0o2BFjhz8h%2BbhasR0xzNQKYwICP8YxfwBKf1Pd%2FoHd7eeS8ZGNHcpmIWPC3FpFM0S%2FKJLgh445Srfu1HxIz%2B%2Fk0kuDcUUP2nUFUznB0qhS7pZP0Qizn0v4YaPARJRiNg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d261ef81056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":4471,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b406e9c7fcaf80e5ab91f27ea0f0294c","sha1":"54ddf99952cf9b0fabd829928125026af457240c","sha256":"a327cfe81199467e7773a331449db596ff5a5da012ace64d4ae1889c757bdf15","sha512":"50bb2149cb4177578ffd52d275d2f399922cf5dc4fe93ec9e32b840532d1dc7cbf148a136fc965a7e353fab249d5849f33dba3146a47b9f8053a574661b71f4d","ssdeep":"48:YuTyTbGhzyQnA8qA+9nIok/we+NPhwxbwPAjgCfk/wWp3Copi279lMFDQJSLhHan:xu2ByQA8qAHTwAsAjgCuE56szUn","tlshash":"7391cc9d31458cfec75eeac3788b679f3042811387982c06c27cef4c5676f19650a2ab","first_seen":"2025-12-24T22:39:16.189594Z","last_seen":"2026-04-23T13:40:25.946736Z","times_seen":56,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-Regular.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:31.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-Regular.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 72024\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-11958\"\r\nexpires: Thu, 23 Apr 2026 13:47:02 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1829\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=PgYyFRDmrOgx9kqVWQ6Kl0TNnJ4pXnqIkolCJH_IiQ4-1776950251.8833287-1.0.1.1-FM0fdVXkLEFH914m8jrLAwDsrZ7LbHfYKuZsDZPrW2TwCwGwPqUQ75eJF8RVHh5RYgFsx6kkNVxqh2FQZsgiW.Z2rZWJLMAiPEWZ1zeHF_0tuK7vHWzKV7gsfgwBrYCi; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3N7A3ZDGXkTcVDccU2MatsYOQcWC4sicTGAyRz1Qaf%2ByTCCL%2FvXTxlqYkZF9M4QbmgXj5kE5umn8n27L8L2YZ4iTgZsoExW9kmxem69WlmX634R8aQxOmjIKFVp5vcRual6DRQ%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d26212ae156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":72024,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72024, version 1.0","md5":"30c281e94eab37286ff7770f3e51858b","sha1":"7a5cc673f005e9f384e322f8fde4795b0f750778","sha256":"c4a69a0b671392fe569ef74b4a59e0d2e769837ae59beb3944ac72ea240912c5","sha512":"d5b0686a2dce238f2c825169a19f0425fccdf6fe2d6d4e3704a02f618ea96bf1e0827c158b63b221dfd1f35094f4a420abab4ebf984f9993c6a080ea44b3d2a2","ssdeep":"1536:Y/pXAWA65c5JbaWR/9Al5ceizufFxY4lcWVZGDULZu8uqO1:apn54BREjCuvY4lRaK1uq8","tlshash":"3e6302c4ae4f1bccfd67d5add8859e6a1b8ef1b09320106de3119721ef4b403b3692a1","first_seen":"2026-04-05T07:31:10.87701Z","last_seen":"2026-04-23T13:40:26.067161Z","times_seen":22,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/ButtonWithAction-DSAfkmWo.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/ButtonWithAction-DSAfkmWo.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=vZcx_Ig0MYHyyq4h55n75jd6uD1eYihfqNRA9Er8rys-1776950254.016051-1.0.1.1-CpSpICB4ZH8uw._n0kg5KXe5CGCJWdcCHjMy_X5J0c5Ok2Au6PrlcFLsKJ97w1pG94P5RGTxQXs4wX.1rdhy7NodJ8zJURagLOTNklitmhlRGt1j8WDstrOOxEqG_p5z; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sUdTCJ2B%2F9QJgQIa%2BKouychpQnaIPQ1nVy2lmiSrU5nCnQKnYyAlN1o8CXEqrcUfGlS5n8WPRUDOBPneoIaKY45X6dd%2BFKMvhupHMQbIwA8%2F0tfQhZgBrCLW7ZMWGDSKQQoyBA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dfa6d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"c4f4b4cf0623482ad6e165220287590a","sha1":"b6a866f3afbabcfadee5aa2e02f3f7886ee4a8fa","sha256":"5388b7316d931812f63ee58ecf67a9fd397a30258736f961919fa686a91a8aa2","sha512":"fe0f37dbc2aeb4281152419dd6962702fa59beb4a63fed2f8efff7c35f135bc6fa706ced3318313bb55a80ae282004208043ee64720cfcb0fb2f660e3f025498","ssdeep":"","tlshash":"72d0954f5441d3f903d37db0a12fc1212a155d64e7d48941804c1450373195d805ff2f","first_seen":"2026-04-21T12:24:49.021237Z","last_seen":"2026-04-23T13:21:42.109803Z","times_seen":4,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/GameDetails__platform-DeLpPgwV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/GameDetails__platform-DeLpPgwV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=_bY1VR1Q_.hnQGbqHPQ2cEfsds_v9w.1tFIeqlO.YRc-1776950254.2838206-1.0.1.1-9viLN6mjoMvGXTvhUKmxHx10jzNBqwgSvBAr.mMsQNjJXT3DC79F0lmNU7gDTF5bA4SL2O.NgIBhudMmZuYfgRz__saMV48BYJoGJMvhUJYRFVTY_DKROW7v2mfdsQzz; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vhqCEhsdZmD%2BtiHGop410dORbwbZzQekxu5XxNzpNFbn6IGzvXvvrhvCHG5%2B1opo2avFr03I%2BpgmN7t1UNW%2FxfVDCyTXFhvtFUHatfAg5ZTZj8A3rJGg7X%2FvWRDNSwcxS37MfQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262ffd0f56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":7412,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (7411)","md5":"b1d3729a864ba6f0f038acc8f30e65e0","sha1":"09afbfa1c6972ed430da5ae094230a69170dc4da","sha256":"2c16641def7b54bf96b79561afcd16676fc0c9e8e0869c89a0705a1c5a5cfab6","sha512":"e5941d5433ddc66b45c0a300c64209be0b85dc976b5ed662440aedc50c676edeaaf09f5f59e0147a31018a25fa3a611c6087012bfa203c7ce0d977e0d6eb84d7","ssdeep":"192:2rZFwk2T2D2E0iP1XjkHjjkHE2t2p2A2V2+2DPAPpPuPQPkPAjkRjkKjkJjkPkj/:2rZFwk2T2D24PRjCjt2t2p2A2V2+2DPO","tlshash":"69e1e19e912e6c46dd7f063cb5c12b26bb333fc136440695fdde539aa608687312a72c","first_seen":"2026-04-21T12:24:49.067917Z","last_seen":"2026-04-23T13:21:42.086246Z","times_seen":4,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/userJWE-CerqSAJV.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/userJWE-CerqSAJV.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=2SvAD9ZOYdAivRH_gLe6AXyHttUDhWDUpKPHwLywANA-1776950253.795064-1.0.1.1-dCYnsYTLC6Xi7F4MOxpcxIqgG7LbXdCULOn55Meew5OgqaYcTaZRXsKWQY3GMO51j1KrlSAjnks6vWlgXi7a7cqZIzOOCEsdfu0RUO_aTBh6KRQPF4xOukNHNlOe9saQ; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kcdO0QLqwtxKpYKi4fB0GFJZ2Jp2pVX4xW%2F%2FRibdzvRdv79XV8yDKRkCC23WeSjRI0Dw%2BpzeSk%2Frd2CIOxzH5eQCLdRrIHp1DT7Wjqvtz2u%2FQErh%2FI201WaP%2FCOoQ0UBdaNI9w%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262dca3156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"6bfddb48b2778d704fd45ab163c323d0","sha1":"c7076e4f86f6f67894ace0e0d52089ca2688bf50","sha256":"b2bcbb09422f18e8c1958ba892073a808a3a1d889f77ccca9839773ce2396d21","sha512":"dcfe4a77850260272afba1cd0d9ff1115f6f12b414f7a2c447dd8ae08541eb6fea5abee46983f8c7fe0e5fc5b0ae25682f8dbbb8ac77e8ac1fd71f438aa6f061","ssdeep":"","tlshash":"0bc022db088411f785582c501005dc52827039146298d3415a1883aa6a6100bb10ce14","first_seen":"2026-04-21T12:24:48.900566Z","last_seen":"2026-04-23T13:21:42.181921Z","times_seen":4,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/BetslipButton-kdf82NBZ.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/BetslipButton-kdf82NBZ.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253701; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=D1sXCjjoC09ftNhs10tjI1mwR0FXjN9mxLQyJxmXC.U-1776950253.8911448-1.0.1.1-u1Ne4m6JqIouf0OEtdm_I2KFwDmO3bZZXVfYoGHt.dMugFc0YNwdBVddlBKl1uRNN69_vfwy_RC7ixgpaEGHZVqcemY2VoIsA9UHNcXezWQ2bvCDtsrrIr.RGCg2ocTj; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gIno%2BdXT9se3lAzmj1pRYgCDobNdXtf5L3cCkBw1OjYDg4A85YBagYDpDBTkXq1%2Bw3Y3ViFJOy1nsr3y6J%2FjjKsr1uGsx0d1kEcgCgLYTFoHCMnCApESO14bvZykYwgiyT270A%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262dfa7556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"4b8d21182d8c4b955630a1c97c1378bd","sha1":"7e8954c2467d6ea9892e1b4af8d48791da08b9c4","sha256":"53476b4d35bfdf0b19098ca1197216bfe0a8ff916b22208bcfb475f4e713657e","sha512":"cf38dba2382349c9bd2aae9cda8ede2399b559f3284ec65b4822cfe7613e4fc89803312e1fb079212afa7d617dfe9ae57ade0e750348e3edeaf3ae1e3a89c35e","ssdeep":"","tlshash":"68e0ab87c508c2fa07421d92200bc121382755bca340f98180ad28613b34999845ee2f","first_seen":"2026-04-21T12:24:48.880755Z","last_seen":"2026-04-23T13:21:42.113809Z","times_seen":4,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/JackpotPoolsWidgetContainer-DiFR-VGp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-DiFR-VGp.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=d7gd6gOgmLn6JWscGnsAmx7OTDWut1NaGtg6z.3obsA-1776950254.1773422-1.0.1.1-fEPUBOA0OKC8UtoMyKjnuP39VgvWOHwrmROPCJV9GXkd.8x_Mkl1KMpyUo9I_9w98p0Q6btGmPEL3sOAehdpwyPGbs6aoLHYu00jqBdL.wrSvwe_j6nFGHx9DahUVA7q; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZIpm7lKRnRKqSAf5FJih6p3MKIhfVsVwYXO1BXxqYcn8QAQO32MGQHCzVOmrm4CXAGDonEYknRzTkPtKaPVfyY0GxMlH5OC2LzeuSk0hZzhL09MEwk2w83KINdyFUkMHS8WELQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262f6c4d56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5753,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5752)","md5":"662484a9e667070db18823ff53b74cfc","sha1":"571d6d3704bba2b40e58651c46b5fb38bea0e5fd","sha256":"6cb2ea96a78963ca6aba1a9e89ea6b0be508e1faeedccacef2b9dbaa3574b63c","sha512":"b82e64eafd094f3830102431c8e6fb9d3c87c2374e52c2e0ec429979474e34ba0f9d800dce8bc58cebcaffe0290a66129fe19a904517a84ac49d0be8be979402","ssdeep":"96:jNfsm5Ty1jTATH913jmbw34aBlX2Z0FmWoeCtpi+3vieNMaxttM7zJ2d:jNUnjembw3Dj26FmheCt33aN1q","tlshash":"acc1650bf017f7fce8ac48b2416ed10e3b2d1ba9972141e4d0ad09281b6c855f769f9a","first_seen":"2026-04-21T12:24:48.937201Z","last_seen":"2026-04-23T13:21:42.233704Z","times_seen":4,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/CasinoJackpot-Ds_Uh2fF.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/CasinoJackpot-Ds_Uh2fF.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=Oxizgol47TjYfM2S0HPziySCyn40DOvgU8z48D9huck-1776950254.0811481-1.0.1.1-rUsF_Z7k2oXdmLHddUf5UHlD1nmTWLnxdcLLmcKKs323a2VIXxqbot4laTg4c6lJq1AAcVDozlKWXBDYPVsA08kUSkrhIgDLgXwJxNVgPD17c4_DIPDaDMGvZwd5yg3f; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jt9wEOsddF72Z2xAtfQFS2IU9X%2FPObg39x0xzODycnxfQOYT2FMUq22jxE41NbRwHMIHRvDaFRgGODQwpottqp02HIiA2Xe7hrh5XVpAvk0bMBBQ%2FsiJ%2FExZieclMB34iIaJCw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fbca356b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":14340,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14339)","md5":"ff69e8053cd08055491d54c9ffa17e5c","sha1":"b76c9c65be8dd666f8f4f164fdfe63db082dc96a","sha256":"937659cac0398acc7c77d5122d0718f21e212b18abc83b97368c1b33a9778d86","sha512":"03f409de70b47e6514a62a18e389e49c8c7debea7dd8b9775f4b952f47baeb052d679194229e951ffe90b444b7f651bed4137dba273a109ebea1a30a40e2d512","ssdeep":"384:lwm6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKx29TQP8FJdr:lwmB7CEGOpyts/U27dr","tlshash":"3c525c04f012f7edb8a954f7487ee0687a5e1aa9c71809b8d1bd6c313d2c455760bbac","first_seen":"2026-04-21T12:24:48.955014Z","last_seen":"2026-04-23T13:21:42.150331Z","times_seen":4,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/emptyWinner-PXmwQszX.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/emptyWinner-PXmwQszX.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/CasinoTopWinnersWidget-V5-R6cR2.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254700; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qf1xKOKfWdJ7KoCFs5QRl%2ByEIQbUsRlMeBEsTKbDCOqR5e9fvMdFkvKSXTZ2x054zOP8OKDJ%2BFKF2%2BjThjaDu8141QQdSJpNFFY7CZS4DnaNMl5QwaSVhjZRfqVA9FAncRE%2Bwj8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0d2634cb8456b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png","fqdn":"02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org","domain":"anjcdn.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabet.winwingames.io/","date":"2026-04-23T13:17:35.449Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1\r\nHost: 02503637-3458-4264-a556-a663e82c28cb.snippet.anjcdn.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":83,"dns":3,"connect":1,"send":0,"wait":0,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/menus/app_menu_751_tur.json","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /menus/app_menu_751_tur.json HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253281; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 14:17:33 GMT\r\ncache-control: max-age=3600\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=ObBlvVi2PA126QIYw44iONWVs3Drmhxq5c3kH6CeXfA-1776950253.4027674-1.0.1.1-Hmjfem5DLrBYIpv2FmacqISKY_YzNBX_YL0nEF3OVWlmR5O5wmzVl2AZ.9mU5r5ahfxQV0h.mSsYc3s0buJbs_mpfYQRof98do_XY6J9iHfx3kMijZyHXHQgm6cYlCH0; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7RFZpY5POXwVoFFy05ZIGUV2J9n45MUVPWRVtHRUDF0vxDmNowPETUAiVPgEC8SMM5%2FGQsNeHUne8Z6IXmPOxC4z0%2ByRg1%2BAKONr5AXMZOqEN58e5NR5%2FouhQkr6olkuc1mY2g%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262b7f1056b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":11094,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"fa2350da5ade95aa04966b376fe45ba8","sha1":"3508ce0495f4418df230eba5c34f5d9133710d06","sha256":"faefa36b9e69550edd0919940d952d9e8780f4a85ab448e592f1388b44657a14","sha512":"30a572f3efe65dae280e5c32ede94628ae228d011d1c73b4d20316f0c80e94b729047a0cd07b15e6650f242f40358e99a0f99cbc9ebdeee574d5348ec87fcf52","ssdeep":"192:SSkcUlkiU+kuSkxUdk4kvUQkZUcktTU2knk95kEk/kbkAkCUdk7kkk2UUkoekIUe:SvuxuvPtUi2k9W58Y1g4ZbCCQJU1whju","tlshash":"bb321602f01d5976d31c3e00bcc76d5b988d5099ac9d49419d4d8acecbda4afceca2eb","first_seen":"2026-04-21T12:24:49.015167Z","last_seen":"2026-04-23T13:21:42.130402Z","times_seen":4,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/custom.css","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:29.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /custom.css HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:30 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: __cf_bm=W1TVh.8rayoXuwd3Q2RQYc8qFVsfEmJJYl0p35qGhxg-1776950250.1311984-1.0.1.1-wAIJdr31nd7vkUidSTmjrsD4FmAwkzlRBu0jJGM0z3kh3_n1AFZv1pNKDaUjWffIbVeOBvSwpiHMgQLXDL.sy7xoiJZXH1LWrB.DrYMT7W.o2Jq6hXi0IANO6w1gyKgf; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:30 GMT\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yld0qw6k0DYsksBdNFZsV8gZvrpfBW%2Bz%2BqbOYQMNOPNbizl6D8581wYzx6HRpmbv8ieo0Wbv3uQhZr3hEAggpZSphHn5BQ920pG6YJc8tMvgPftXQ%2FcqOcQ1bDm3QEZd8PaEow%3D%3D\"}]}\r\nvia: 1.1 google\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\ncf-ray: 9f0d26162c5256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":9150,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"c17842ec4c5cf7b241ec29e995f1b8e7","sha1":"09ba8c2b60b1dae3360ac5617e651381031162b3","sha256":"6c3bf9768677e38b94ea7fa54f90741ac524762cef4078ac9e034dc052454418","sha512":"037708f999f71ca3b10f55f384da0f45b8811afaacc755bb0749854eaaec38cdb5340ef0681ffb2f5c0877bad96b75d011046a93951386cc9b6e250c1edbee8f","ssdeep":"192:CHuigeWca7MAyWUrqooxTlXeyhUiUeUhQnw9mruqY2VGi8a2gB:eoxT/XHXETxY","tlshash":"b412ec03f9e31684a2ab9198697bb3b87e7c405787059db97b90b3749f8b3c28131b54","first_seen":"2026-04-23T13:18:15.410795Z","last_seen":"2026-04-23T13:21:42.209682Z","times_seen":2,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/ExpressOfTheDay-43DWSrHP.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/ExpressOfTheDay-43DWSrHP.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=hGa01iq6EinuLr9ChsXPfmTPhryZQOlciY5xtpk8_KI-1776950254.2702875-1.0.1.1-0yRlghPBkjvqkkFKa6p07oI1iaf01kw.D0ToRfZ0oeMjNiUxP6fIaFhEAbA5BEdNEAlmgc64FT8xHsQJkfHD1VpnMWr8I72r9f5VgfsXHXJM.YE4z89kRff5rPiupqcd; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1z0fzgdVL4SaT%2Fe1dzzEBOBCsoqVlLcg7ve8wj%2BPAC9qoKS%2FwjGQHKgXefRiYyjX9GQjZpVtPGu3EPeeClpXPkLVCyu9mIOqiM1x%2BEmydVN53REwXutT2%2BgSwrqC6qOOkv8Q8A%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fecf556b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":17705,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17704)","md5":"29a4feba57dc978d4cacc40dd9c4484a","sha1":"9c5bc3381940ebb51fc21dcb34599bb7b3b44330","sha256":"2d0b096bfb50494d69b04b8dee99ca90e503795ad31e571a9c0bf43eb5c1e4c9","sha512":"56d290b4472b91cfaec323eedd93d2f80a711daa22a76009501f6e760f75ec0a3df4313e63416edff564e0253cad818a58745211be27e43e44c523d7e93697e5","ssdeep":"384:GzgLUxzpiANNygg/aazRObFUSczDwLhg8fTddMKnLLyHC4EK3CH:GGUxViAKgg/aazRGF3g8fTPdyHC4JQ","tlshash":"6982f856e009d67dda3e04ebbabe600530250ed8c26106e1a57f1c2817dc45636effed","first_seen":"2026-04-21T12:24:48.902861Z","last_seen":"2026-04-23T13:21:42.116675Z","times_seen":4,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"vsb18.tawk.to/s/?k=69ea1bf41587ab6bf87b97a8\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2N2Y2ZWJhM2MzZWE4MDE5MTMyYmU3YmUiLCJ2aWQiOiI2N2Y2ZWJhM2MzZWE4MDE5MTMyYmU3YmUtZzZlSlcyOEJyeGhPeW5JS0NHdVFvIiwic2lkIjoiNjllYTFiZjQxNTg3YWI2YmY4N2I5N2E4IiwiaWF0IjoxNzc2OTUwMjYxLCJleHAiOjE3NzY5NTIwNjEsImp0aSI6IjFXZ0pITGhMODFXRUJEVHNsM2s4NCJ9.8kTWibObZ62bs9U07cVkx98T_5XXOcFk5IbuDe527MYMhiUv5RJoQCtrEWF-PVEYdjOKbqT-xJejdEiQJAXjWQ\u0026EIO=3\u0026transport=websocket\u0026__t=PswVJNo","fqdn":"vsb18.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:41.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /s/?k=69ea1bf41587ab6bf87b97a8\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2N2Y2ZWJhM2MzZWE4MDE5MTMyYmU3YmUiLCJ2aWQiOiI2N2Y2ZWJhM2MzZWE4MDE5MTMyYmU3YmUtZzZlSlcyOEJyeGhPeW5JS0NHdVFvIiwic2lkIjoiNjllYTFiZjQxNTg3YWI2YmY4N2I5N2E4IiwiaWF0IjoxNzc2OTUwMjYxLCJleHAiOjE3NzY5NTIwNjEsImp0aSI6IjFXZ0pITGhMODFXRUJEVHNsM2s4NCJ9.8kTWibObZ62bs9U07cVkx98T_5XXOcFk5IbuDe527MYMhiUv5RJoQCtrEWF-PVEYdjOKbqT-xJejdEiQJAXjWQ\u0026EIO=3\u0026transport=websocket\u0026__t=PswVJNo HTTP/1.1\r\nHost: vsb18.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m.gallabet1075.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: d2tNxwORUANqkgxhI/1ueg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 23 Apr 2026 13:17:41 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 1gUQQUfZH8JYdIduGH7Bo5HDDds=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nStrict-Transport-Security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nX-Content-Type-Options: nosniff\r\nServer: cloudflare\r\nCF-RAY: 9f0d265d497ab517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":16,"connect":16,"send":0,"wait":587,"receive":2,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/lodash-CeISZwwN.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:30.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/lodash-CeISZwwN.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:31 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:38:42 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2328\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=ZjqwYvVE40ZDxtq5awO.m01JyjAzfG8hUQ1dZ84qKEU-1776950250.9158854-1.0.1.1-9m66WOCcvJuecl_KBvbI7Ts_ZngHbZVNARt1f5ZKPSbnoBJWMmb9ijohxtpyLqJH4305LvJgsirTHphh7EwcFVI_QUaTvOk.xV1mKVpiz0_wK_a4C_4EOirIq9pCT8Wb; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3uRFFgu2NgPeLCZMNKQhLozhdtY2GNaPm%2F66prOxRnsNl%2F7F%2BGpmQv9hLk8dSqAU9PFtnjoDvmzS9F7rmsn%2BESPfAhJrm1wTmYoB5Fh7tBxxY11GuDpftZofqKBc4DjVL6yJ0A%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d261afa8856b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":165093,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35092)","md5":"0af14a8381aa9ffb9041549dd564ae57","sha1":"b00695d65a43fcb3bce778d4fd6c2eb1ef739508","sha256":"91145be72493b190ca52499d5d945d5a187482cae6add0e36306ffc697aaf446","sha512":"44efa6d772b31bad9a9561c9fc66f0c962b06343a31540d5bc31f3c8aa0c8fda87df68e8466bc810e02085c12a24bb72ef8a7a1581f8f16859b6ac646520ee10","ssdeep":"1536:/nsfx6WucPPRwy0/KHP5c+LBza4t8jxjiFOre/U3nadtDoayvi1Ynu9gMa5joGAw:/smcl3B4eFILYgMdGIkpOuFM7u","tlshash":"27f390c835d7f0a183a7287440bf084bf23dad65a84cd054e1aae0ed7db8919d277e6d","first_seen":"2026-04-21T12:24:48.978952Z","last_seen":"2026-04-23T13:21:42.170008Z","times_seen":4,"resource_available":true,"data":null}},"time_used":436,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/index-BJ21FeBp.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/index-BJ21FeBp.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-BiQikUyv.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253281; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2050\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=KDmhMSPMRkbuxkp0z4PWOzI1016huggCJf0Mz6tU2E0-1776950253.695755-1.0.1.1-LOviRTF3JbuFs_5O4y5RK_qJsQEV8AeNEFoOJmwB1pjrc69CndRRV4lc7FWypiflF5NrTILBWvmymHK7FjxtT67_pZTaD9W5e_5yuLqzMEauRo6coCzB1ohbCMqhLxbE; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Iim64Apn6alV1ATEWmFnULbbvrfEBn5v0DUuojzOhGUTwNY%2Bn13E9K8Qv3JgYoRkjkivfpSPGh32jk%2FZAE4AWbQvv%2F1V3zH3QzV5Jq7zCsknbbyypJoniuGnjbuVdyi1Fo7tNQ%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262b8f2156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9d93ecfbc55243109c8742160b35e284","sha1":"5cc1c573dbdd97cd1d0e239ee4a3003a49f64094","sha256":"aab1b4236679b9462c2c99e800555e4f4bf526bedcae296c4b33af62be729000","sha512":"59545f5311a35a7aaffdf5a0d5c6a78740b3f08484da0e1f2bc38d6ff1c03bb7f92e04d2d7289a5278286fad774947b5aa9656cbe2c3bd6294dd5646f75a5d31","ssdeep":"3072:mQwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:VwhFHU4HNwFH7MoOWexZFHV","tlshash":"01f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-04-21T12:24:48.87453Z","last_seen":"2026-04-23T13:21:42.219852Z","times_seen":4,"resource_available":true,"data":null}},"time_used":445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":435,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/fonts/default/Roboto-Medium.woff2?v=170","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /fonts/default/Roboto-Medium.woff2?v=170 HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index._m59fQOD.css\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253481; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 73924\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 08:08:45 GMT\r\netag: \"69e7308d-120c4\"\r\nexpires: Thu, 23 Apr 2026 13:47:03 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 1830\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=36.roXRRfdBsLeOznZKJaTtEC4yP4XTPVaYU82qw9Io-1776950253.8109305-1.0.1.1-X4vuDAN9cl3h4I0zqkVW.JWnEmo6C_0cTjjhlqr6ifZ244vUKGUnb0cg74.ZSfRxJWrWl0iEKzGMRR8qQfey04ypVcUyqPGgO1y6qu_M6bBfrjNmWA9uxMn9N.bNMGxs; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k%2Ba0%2FwrwobXromSSaZFzYcxWD3fD2DP0jOiKJTYbSUFbRv3qhmoWjxSmmFCvRdx2l0UAVAxaozPyiZVCnyc0oDcb5YHqRZyuF4T5XERP7Ti1Y%2Bs4Z2svR%2FuM%2BsmosBq8Um9b9A%3D%3D\"}]}\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262d294156b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 73924, version 1.0","md5":"582c115c3f8f2e13a2c97e6826471c80","sha1":"822180738ed9ad4172d4e8354b81ecb2f7c46bd7","sha256":"9942fe6fe9ded7ab37fe4760990b57f5f43cebc438bf1bfe139c8b508acd424f","sha512":"03b3156c154922f4735e7b828d903c3400b320b352dda9ddb478786d8820fde8e9707cbc45c5e1282059994d65ead8e4987f249afb38534dab27ac59099c6f58","ssdeep":"1536:ckbrpZ5asBRVQFvoMJapYaiDKq4OevyyuZr47+uU76etJD5S1zYItyh+SlOUrfeZ:xHT5dBsRFuWKueK5r4SuU7DPS7yOUtRQ","tlshash":"a673025117a10b2ae42d1770187ebfd421af013ea2f6a2b0fbdc958f6d795bd0a74311","first_seen":"2026-04-05T07:31:10.885369Z","last_seen":"2026-04-23T13:40:25.953481Z","times_seen":19,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":308,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/if-defined-CWaLTnLW.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:23 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=JEkWmgOZgRlNugDNkQzkVg9nc_OSCrj4uBCq.FDs4CE-1776950253.5441797-1.0.1.1-9sK.XQQqG8UEEmT739EzzdLC0wVcHNF6CfAyrq_7ObY1LFXCkcJ2h8L474ORk4jgRgeg8tVPfFac2cxBiC8Qf_wAPDlURHnOY1yLrX.z6CW1G.7a9zXQZ9fxWPpEzn7s; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uTxs1HXTgLdbjjBCLHrHFzgGQlfBFDCtDnKYHDoa1UeC2JJ%2BSy2y%2BOt7DSwcN43N%2FXxt1vta5Y5ClU2r6kx2SlnKgtkjeEla72UdLGanot7WMjA9dZ2j4nxdcGnSUPgYQyIyJw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262b8f1e56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-04-23T13:40:25.935372Z","times_seen":587,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/InformativeWidget-U7XsexQ0.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:33.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/InformativeWidget-U7XsexQ0.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950253805; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=U.9ULDbXiMoTekcwMBGj6bkNI7j17fsuOdPAzzDwFMI-1776950253.9952505-1.0.1.1-cRHgVqauEdNTqlo2XYOT6Y0nRcbvyYA3E2FQ3MmfS5T67p_9bdkujcgQofDmuCD6CXTDf5c3NDt8mloZN18VstiicPcj98Kb.c7vqNXfaPXVRX_gfg7fz39tXdz._Wsw; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=55BK3SaI16KI0zze9O3qbSxEyu%2FeeVk2Bo9eUwY9rovgqNGfkvyjIJXa%2F75JzRuNLjBejotTU32VM4QG5TQAKKUP2ck6eTQLRwoeFjsRZmiFMg1A4UXTk76N0we8KAMeW4rFXw%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d262e6b0256b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"b33695d67c48abe85873f5bf86c00af5","sha1":"0edd914a4fb8b3b268ceac53a25775329aadaaaf","sha256":"e68f8bff445a41225207efbe87a76048f840efdc5a396eb5e20c59c1a8b7a8e4","sha512":"3f3f59e5635099172d72bbc52ec00dd07d215779f272fc3afdd5f18f6cd6b5d8130e8c445232c3665177ea4800b81e47ba8fc0a1671a8887ba2990e65ca574c9","ssdeep":"","tlshash":"6911b946f590d67eb0350dc44657c0d46a212de4cf38d8e898b53008a43410bb6dbfac","first_seen":"2026-04-21T12:24:48.922225Z","last_seen":"2026-04-23T13:21:42.143661Z","times_seen":4,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/expressOfTheDay-DphuSM7z.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/expressOfTheDay-DphuSM7z.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.gallabet1075.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=xrAi8diZk3ca8aqP2rh_Xi38bYkC0gURkleAgxnAobk-1776950254.2758026-1.0.1.1-EarFM5YgGyzrByreI7uy8lNT3nIueTS4teEuk8.k3XbU4Dkg2YzlMd5R1Pw9pKXY.0F9K.1zwNCXqHYc.H9FnLBpP.lCfSP.Ol18x7FnpSXZ_ec2HOYSzMBjNvPyBC8S; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I9GFG7rLVeC48QmwTV3BvoZZFTllTIlmUPqsvMtMsaoU7NDQv88Z3W3UsSjt12nl2Qv0oMu%2B5u1dWzC7DTjVTCQBKb6idMNM3dwArJ6b6d%2BZ9aTnazS9zD%2BcbsaJaRVGUjm%2BVA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\ncf-ray: 9f0d262fecf756b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":778,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (777)","md5":"22092a8c70eb955087af43f26b5a344a","sha1":"e502fa77042e7b7f3a03854282a6c83f03ae62ed","sha256":"19271fe669c8e2e0636cf9da9d6de5274132700d28b63b9d855a95cae9a53e39","sha512":"6cb612108e131c223976e6396cf14e58f4284bcfd98e76d01876b6f34738607b0c89b823fbb186b7eadb03966dddad5eaba3da3e063e78090bc1daef1039a7a4","ssdeep":"","tlshash":"9d01fddaa11dfb3f6cdba0abaec595851130787e59b271f0b20f0e9646bd008458fb16","first_seen":"2026-04-21T12:24:48.899417Z","last_seen":"2026-04-23T13:21:42.241284Z","times_seen":4,"resource_available":true,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.gallabet1075.com/assets/DataspotTracking-BNSAxMZE.js","fqdn":"m.gallabet1075.com","domain":"gallabet1075.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.gallabet1075.com/","date":"2026-04-23T13:17:34.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1075.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 11:59:06 GMT","end":"Tue, 21 Jul 2026 11:59:05 GMT"},"fingerprint":{"sha1":"18:0C:C8:7A:1F:3A:0E:72:CD:0C:59:0B:11:AF:21:C6:13:B6:F4:F9","sha256":"31:FB:DD:ED:46:2B:D8:F9:8D:F8:B2:3B:34:59:4B:7E:8F:26:14:C4:B9:FD:01:90:02:61:EA:56:15:D0:5B:A1"}}},"request":{"raw":"GET /assets/DataspotTracking-BNSAxMZE.js HTTP/1.1\r\nHost: m.gallabet1075.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.gallabet1075.com/assets/index-By9i3a2L.js\r\nCookie: SERVERID=s2; TawkConnectionTime=1776950254227; _immortal|user-hash=Gmo4_1r0GYkfQ7PNdaRl1XbabopIX4GYxrq8; twk_idm_key=9AxeCG34XPE2PQUeWh0cX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 23 Apr 2026 13:17:34 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Apr 2026 13:43:24 GMT\r\ncache-control: max-age=14400\r\nx-frame-options: SAMEORIGIN, SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self' https://*.galabet1070.com\r\nx-domain-activation: 1\r\nvia: 1.1 google\r\nage: 2049\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=dkH0ISXPcE0EotBBDrbiIS87yai_FPAIYuV718lB7YI-1776950254.3932784-1.0.1.1-jv_X8ipzUpL.jxUh7iqMvlc_P3NSaWjRPPx8E6w.kJ7pOURDvMUgP7BCLPYfxlBEywBJ7qzNKLr2_1iij_nfyPmDv_VDCu9LMeqyj0TFjyA8p95O_YJuLA_QLcaGopXP; HttpOnly; Secure; Path=/; Domain=galabet1070.com; Expires=Thu, 23 Apr 2026 13:47:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K110gZPXSkXyZUgsvcq%2FdqL%2BJi2Ivplp6XrR2fNQNOk0CADHjOj5IJiYgcDXOnofNUC0smiiv5v4xZ0ZaI80kNTBV7S%2BiSbdvusc%2Fufxvm0nKY4w0umKit07SRJkW9BxsIyeaA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\ncf-ray: 9f0d2631af0c56b5-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":8580,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8579)","md5":"a43d6d9db291e70d4e23f436096e894e","sha1":"64f14bdaec33bbf43977c9906be595d3ca46d1ba","sha256":"e24a59385db663e56f90b790d445a3cdc8a6f349d11f651b3d92e5362525fac4","sha512":"3df63a09575fc7247f89411684c94afdcd9e76770ff3074340f2c50816f89733d102a5038c5ed539f30076f271c9714471093afe3fd3d2e1015b10d913b8dee6","ssdeep":"192:rECb+cB+hnlqWkO+bNKb0s3LnBaCHJNvuvXvqvxgFzL3IuXge3AmYO2hU:rEq+cBsqViaCHJ5Q/0W1LnXge3gO2hU","tlshash":"4d02e155641e78bd6037d6ad0d4711a208387042e1339de076aacf5a9e399c28ff77cb","first_seen":"2026-04-21T12:24:48.85803Z","last_seen":"2026-04-23T13:21:42.099406Z","times_seen":4,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"m.gallabet1075.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"m.gallabet1075.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}