{"report_id":"12aaba78-960a-492c-ade5-ed7b98dfc1b0","version":6,"status":"done","tags":[],"date":"2026-02-26T14:54:30Z","url":{"schema":"http","addr":"m-galabet1123.com","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"m-galabet1123.com/tr/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"title":"1 yeni mesaj","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m-galabet1123.com","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-02T14:54:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":15}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"va.tawk.to","ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":51316,"first_seen":"2017-01-30T04:20:46Z","last_seen":"2026-02-23T04:05:34.530775Z","alert_count":0,"request_count":5,"received_data":7679,"sent_data":2620,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"galabet.winwingames.io","ip":{"addr":"172.67.157.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-15","domain_rank":0,"first_seen":"2026-01-16T16:03:38.346691Z","last_seen":"2026-02-25T02:34:22.417241Z","alert_count":0,"request_count":3,"received_data":24144,"sent_data":1386,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dataspot-int-bucket.m-galabet1123.com","ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":1,"received_data":798,"sent_data":753,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"api.livechatinc.com","ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":29526,"first_seen":"2013-12-20T14:27:35Z","last_seen":"2026-02-23T09:39:16.493485Z","alert_count":0,"request_count":2,"received_data":7052,"sent_data":1229,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2026-02-22T22:30:31.423356Z","alert_count":0,"request_count":5,"received_data":2675281,"sent_data":2420,"comment":"","tags":null,"fingerprints":null},{"fqdn":"crm-lib.fasttrack-solutions.com","ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-28","domain_rank":1905587,"first_seen":"2019-02-04T20:13:24Z","last_seen":"2026-02-24T14:23:40.524504Z","alert_count":0,"request_count":5,"received_data":2899790,"sent_data":2430,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"statistics.btcoservice27.com","ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"domain_registered":"2026-01-26","domain_rank":0,"first_seen":"2026-02-20T14:37:20.243897Z","last_seen":"2026-02-20T14:37:20.243897Z","alert_count":0,"request_count":39,"received_data":87128,"sent_data":17943,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":2,"received_data":5296,"sent_data":931,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.recaptcha.net","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2007-01-06","domain_rank":7582,"first_seen":"2012-07-11T14:32:37Z","last_seen":"2026-02-23T05:34:41.901983Z","alert_count":0,"request_count":3,"received_data":96768,"sent_data":1886,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1098,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-02-22T22:32:51.303032Z","alert_count":0,"request_count":2,"received_data":305951,"sent_data":909,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.livechatinc.com","ip":{"addr":"2.19.183.147","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"domain_registered":"2005-10-31","domain_rank":36142,"first_seen":"2012-06-22T08:37:34Z","last_seen":"2026-02-23T04:37:59.14964Z","alert_count":0,"request_count":1,"received_data":101741,"sent_data":421,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}]},{"fqdn":"icons.galabet1052.com","ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":41,"received_data":1368701,"sent_data":20485,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"explorer-api.walletconnect.com","ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-12-19","domain_rank":466611,"first_seen":"2022-10-10T18:16:28Z","last_seen":"2026-02-26T01:49:24.714164Z","alert_count":0,"request_count":8,"received_data":451817,"sent_data":5090,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.segment.com","ip":{"addr":"3.164.239.145","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1998-07-06","domain_rank":9348,"first_seen":"2014-04-11T12:30:48Z","last_seen":"2026-02-25T16:09:11.470117Z","alert_count":0,"request_count":2,"received_data":111166,"sent_data":961,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"geoapi.btcoservice27.com","ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"domain_registered":"2026-01-26","domain_rank":0,"first_seen":"2026-02-24T14:23:39.776853Z","last_seen":"2026-02-24T14:23:39.776853Z","alert_count":0,"request_count":2,"received_data":2299,"sent_data":942,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dataspot-bucket.m-galabet1123.com","ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":1,"received_data":796,"sent_data":749,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"events.eu1.segmentapis.com","ip":{"addr":"52.49.32.105","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2018-07-31","domain_rank":186340,"first_seen":"2021-08-11T00:43:45Z","last_seen":"2026-02-24T09:04:25.795583Z","alert_count":0,"request_count":1,"received_data":262,"sent_data":500,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"tawk.link","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-22","domain_rank":89439,"first_seen":"2015-06-24T11:31:14Z","last_seen":"2026-02-22T08:26:50.384618Z","alert_count":0,"request_count":1,"received_data":6942,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"m-galabet1123.com","ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-24","domain_rank":0,"first_seen":"2026-02-26T14:54:42.841175Z","last_seen":"2026-02-26T14:54:42.841175Z","alert_count":885,"request_count":177,"received_data":6870905,"sent_data":111365,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"embed.tawk.to","ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":52083,"first_seen":"2014-03-19T21:03:49Z","last_seen":"2026-02-23T02:57:59.281263Z","alert_count":0,"request_count":27,"received_data":1235213,"sent_data":12388,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-02-22T22:20:46.526035Z","alert_count":0,"request_count":4,"received_data":1752264,"sent_data":1833,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2026-02-25T15:28:19.517047Z","alert_count":0,"request_count":2,"received_data":2114,"sent_data":1055,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"vsa85.tawk.to","ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":3125178,"first_seen":"2020-03-11T11:51:49Z","last_seen":"2026-02-25T08:54:54.096837Z","alert_count":0,"request_count":1,"received_data":417,"sent_data":1081,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ecc9e5cf090bf5602a01763e2895acad","sha1":"1d07eaeecb0a31f0d95363694e803282518f81a3","sha256":"1cb6c04d780fb838f64fe8bad72bbc16ff24e2466f9ba3123471321f8342cc0a","sha512":"9ace38dcdfd09222ce1f2536d8e4acc781b0055d6ae35486922b86baa540befc98bd9a5bc67bb00b0ef09b9da16ec97b1fe3b2b676b1403cde8eb2c13981870b","ssdeep":"192:0CFny7CpmxwbZlR1cwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mChZlRNr40v0GF/LvV4hwsR","tlshash":"073295b7e0a1107ea316871c506fa610f61f6c8ab2161da6b67ab46f900ddcfc065f7c","size":10938,"data":"","first_seen":"2025-11-28T06:07:28.918411Z","last_seen":"2026-05-27T07:42:34.869974Z","times_seen":26442,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SliderMarket-CiXvKW3i.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a35dee8833cc3474941c8ae9f42ab0d0","sha1":"c45f7e36e577f6a3858c7fb17c142b5317c7a70c","sha256":"4e199e3e49aa35595c65e4b71e7f7afeab3c7136689cc49166647cb309090206","sha512":"e990db021995ea83acd1e1e9669e3b1b254c29951d151d0aa8ae905c94c41c9b4d81890245dad72d344d34a888022948803d8941e73b41e0fa73fea2406c7ef9","ssdeep":"","tlshash":"0421404af120e5b0326a8cccc034272230352aa2dbb4e2c1e1afc7111f38259f71eb16","size":1277,"data":"","first_seen":"2026-02-25T02:34:32.612974Z","last_seen":"2026-02-26T17:03:57.930846Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/jackpot-jNbP6Duk.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","size":376,"data":"","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-06-07T06:35:51.65736Z","times_seen":99,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=229.0.2.32.102.88.2.3.2.203.2.9.8\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ac92ab9fff56f2073f6e72a454203dd","sha1":"8575c778663d234bbc32f12789f467ab0db4565d","sha256":"dbe3fb785ce08fc1eeef82c79f22d3919fa6bf2f5afdcf559943f59a6da3c0b0","sha512":"67374c99e4e85cba72cb7a8578eaa34ad6b7b2626540ce491c69074fe293a4fa45917ff745ee87ad6c404b09e685dd7df79cae8deb2a1c15e878e136c8e82081","ssdeep":"96:80hUsXhUA4hUwhUNy1o3acJlt017gWrZSN+/9YXtJ/xN7QcGIIKTe3+/vCaq:FGsXGA4GwGWgSZTqQ1Ih6iKn","tlshash":"56c16526835fc8bbb377915a62cbb70e31185079b4f8593fe474ca70b2861c7d206d9a","size":6005,"data":"","first_seen":"2026-02-26T14:54:53.881999Z","last_seen":"2026-02-26T17:03:57.981923Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"51d980ed0519e3393b722f982c4a18ca","sha1":"f20e020835fd8b748c9b72fe55da4b9ed66eea31","sha256":"0b802ece8599be19c07c2b77ced60170b41b868d4cbe817e54ad9ed45cb6a9ee","sha512":"abf8767fbcb35823f058b50bd1c34b972ba5e2e25c46bac244bcc34afce1c36124737b66fa288971f8e53c5c82c2f03f1b4364d4eccb06f17aed74ce825da546","ssdeep":"6144:o95ukIVdclYZfJDbvGj8JLgoQ99orRUO+N8h14+c:o9BY+lYZfJPq8ON8v4p","tlshash":"c78429cdb7d6b46643a3a478403f014bb17a28e2b84cd894f186d8d42e70aae5177f7d","size":383074,"data":"","first_seen":"2026-02-26T14:54:53.726415Z","last_seen":"2026-02-26T14:54:53.726415Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e62o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"42c87bd4b84cb12bbdd5afbdd8463a4f","sha1":"d89d1902dbf3a6061b798023defdd14391da4166","sha256":"ce7c4cdda44052367a4a85c1f1c2d29d5a17d9831b49d1a43cd25416788439ea","sha512":"69c8e370eebfb7f0ae233412b2dd73dc1273684e093c334376508e644ac078c5ca63caa545de1c18f6ce2dfef32c86255f67f26fe75369fa8d0ed6e83f9a5831","ssdeep":"6144:dDkI3dclXYZfoDbvGPR8JLgoQ99orRUO5N8X1XgyznX6:ao+lXYZfoP6R81N8l3G","tlshash":"8ba409ce73d674225297f478903f018ba57b64a2b48cc89af189cce42d7469a4277f7c","size":455441,"data":"","first_seen":"2026-02-26T14:54:53.831068Z","last_seen":"2026-02-26T14:54:53.831068Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fm-galabet1123.com%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__4phonwpto8b","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c86c288e52de23adadae47a6995bc9d","sha1":"284cb8609662ce2fe9cddfa180940b267f653e00","sha256":"90a88be37a65339c66d7502dbb38001f847f39c1671c78b07cfa82f5c56bc44c","sha512":"354eed9f820b72ed2d68e1bab9eb8e5c016ed8eb26779fda8d529438f61f575aac9cc9d12d600b595442aba3f58fda9e50dcd410a3f234638cf1d8ac59d2009f","ssdeep":"","tlshash":"38e061a36151553196c8e3be94015b537d305b97510496bcb46b0201521fbeeb314947","size":390,"data":"","first_seen":"2026-02-26T14:54:53.904346Z","last_seen":"2026-02-26T14:54:53.904346Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"dd0925f820fb28dabf207fcafe2e5c01","sha1":"6a3913fe21a048a63d5133995447acf630e6e209","sha256":"0d6376259de58e53848141edbbfcafd448303cb15dcfb67b3ab68b63e1c35d59","sha512":"4a2d993a307c704b747c10f4fdf5c629b77095e979621630fce1afb1cce192dbaa6ea0b1c0536655bbb933e0edbd514aa6ebb123170ce8c0e64dce793a49df7d","ssdeep":"384:fTytTl8RpfWguizZq7JViU0m/EYNiaFxyrY/oXwA4b9naeIDY+oDvQ8BGH:fA8Qkq3YaAY/oMaeaknB0","tlshash":"c492b5a8f552f41a85b2b1f55c2b1239e4b76c90ec0e245ce140c1e43e71eead12be7b","size":19583,"data":"","first_seen":"2026-02-26T14:54:53.917409Z","last_seen":"2026-02-26T14:54:53.917409Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cebc7667967e601f02df39ba19712d86","sha1":"c7d3677008d76115cc41ba1b734aad112c743dbf","sha256":"089867e58a1de5998b0d74b779119d8a30fe54616ea3ce76063a5530163febea","sha512":"80a26888852e4a15ef49580494958b710628b404f4026c5b218daa918280b24a8f2fcc698ac49ee66c6e9b91954c54f5f296abfd4645d71cc32c83d4ba199378","ssdeep":"","tlshash":"2b01c07d5b86312454f634906b2bbb4a743b12be5c535808848d0414a3a8bafa21add8","size":697,"data":"","first_seen":"2025-12-24T22:39:16.348988Z","last_seen":"2026-05-22T17:22:58.055376Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"172.67.157.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d894772cc8ebc08c554e305272fb743","sha1":"9630696cfb8fb02d834b6c2d590ebecc9e4c1971","sha256":"8822f04d16fcc6ebe390ead32df5d08238c7c383f466f401ebd9d235d32f434f","sha512":"20c22c322a8e6d0cee22113e4bdef0fd06e8b21ab65665bf648a3dcbe3857fad121cce2043bc46551247f2f88af76efcbc8f3ba5053a820439d0383342fa0728","ssdeep":"","tlshash":"5e511f3506b31521036b206c3babe316b23ad2433548f5457e9d93015f45f79d9b2bde","size":2492,"data":"","first_seen":"2026-02-24T14:23:51.4869Z","last_seen":"2026-06-03T04:20:32.028973Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/NotificationsButton-pLBpik3l.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9b056a32d1ed76e431c79743fff40d0","sha1":"991812d257618219734da63f7572df103c290922","sha256":"1d39a6add7ab9c187045bdbe1fe951cd7aa476aa5df81ad0e50ac2a876c40934","sha512":"058802b490279b15a1dc08c0bfccff599583ce22b9121453e2282443bb321ec4e51145d312ccdf1d58cc0d7ed07506b8f89c3abcdeb726bc57778cfcdeeba673","ssdeep":"","tlshash":"aef0264be994d5f417c25a11623bd0163c3ba96cef4a588000eb1c591734116c81f55f","size":558,"data":"","first_seen":"2026-02-24T14:23:51.194058Z","last_seen":"2026-02-26T17:03:57.749218Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-E_Qw-LwW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"9a5934fdbf3896c23908942c6ec28e8c","sha1":"819bdac227d7bb6d8f065468a0f65ed6697d3132","sha256":"83fa3f48a7e001a7d28471b096a8806e83653854e7aeeb15c4dd979cf31ef3a4","sha512":"5cc79da26050a6c76f22fedbe2e38373849eb51337ed406c5d035935c348268dbd172717a209a97b8388223f9c8dce07018b7ccdfa043716b518ebe1fc61663e","ssdeep":"96:q1SCtCFV0h7FhpokS73sjlsv2InwLRiTvHUgAaQKFJ0FdWpA6u6PEDdxrOq+IHWE:J0ljijHvN0FdIuSEDdxP+Vj8Eu","tlshash":"ebc1a65631907534c6d204a6914f82aeef3e7638f00f50a0b23f9c6d3ba1115daa3ebd","size":5948,"data":"","first_seen":"2026-02-24T14:23:51.109809Z","last_seen":"2026-02-26T17:03:57.724952Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Tooltip-CV9gl-ox.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c664a5ff794ec2d4923355276efa0494","sha1":"024efb4f2181efd35ff7b0996e3517db120391d6","sha256":"0544e8134a6142b6b1562ae0ed7f436c4432371c51bd27b2d4ef7787dded9749","sha512":"7e3e1f83336d26f2e7024b35825c268d4ada8b770e4a4bbfab2b2d7d160dcea410b775fcab5f563b66fb1767aca1fa53e891581c14e489fc1529c703f82cf51a","ssdeep":"","tlshash":"1201f646e032fbf4e17754db142d966d7253266cbe2f58f0a038058f0ae4984d317b8a","size":820,"data":"","first_seen":"2026-02-24T14:23:51.012578Z","last_seen":"2026-02-26T17:03:57.835687Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/TabItem-zqZt7Nh0.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7399832e6d7898196fe5a4b445f58dea","sha1":"2f4b483b30eadb90910b318b43c8b68aeae46a35","sha256":"4d9195a229d1433eb80aa41cb3d5a1d41e315d57081e871c6ba0d6069b42159f","sha512":"103e8255fb328e1f8ad8edd4ec6dd2a1c36b1533e03b5286272b5f2f6c53ced739ea46c254fbd7e5008e6475b3e81ac6ce268df769c0c60c8593546176533ee0","ssdeep":"","tlshash":"25e02b42e020f3f5982b84d6d26ed4c7761249dcda9588e6e0a22054072e521fb4ff8e","size":413,"data":"","first_seen":"2026-02-24T14:23:51.086077Z","last_seen":"2026-02-26T17:03:57.833559Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5d76c1cd54bfa6d632bdce4917dabe51","sha1":"8e6de70150687c9f54210ea7887f8d72a36a398c","sha256":"abcf7e70c37225416bc5c4dab4beb331be3e0a7fa478e267224af9b0d4c6855c","sha512":"558cc2e5c5baa8f91f3882ed43e1ad9241f88997d78cf53e5f70d3382eb3c661a5152fc05546baf9214c3db7e635ef3d38ddb5d1a8da00015dde503b32833e36","ssdeep":"12288:3XOybJb8FoAZFOlhDN4/6M4peznNwcLXtsnKrfPSekrMj1EL95LnAF+Om1L:sR46necLXz6kw5bM+n","tlshash":"12054adc75427661c322fcf6a067204ca37d95aac49c191db19ad8f02fb190da07afb7","size":861792,"data":"","first_seen":"2026-02-25T19:48:53.036897Z","last_seen":"2026-05-11T00:14:47.527289Z","times_seen":8685,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__inject.js?v=1772117448018","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1340220c02aa62dab157d1571e682c87","sha1":"c5a3e1e847953c9b1f0525466708564e74a4b0a4","sha256":"8cf463fc8ee61935dcb5fb7b66db46f80bd78c4a310fb9ef762b6f7cb1196823","sha512":"371afb6cb43d82b1529e1b3ed616a8a338dfe3976a5381a69146229c0bd902c99fa763ccba30bce97a7748f3eb71ac7efeda9f6bbadbba535bfe6e543f7a7a3d","ssdeep":"1536:oQMg8n9FTFcFuFDruVnkQCwGvPKwriA0xA:oWvl+","tlshash":"316396487ef262b2577ba2ae2787b240753240031006ee517fec47246fc6a6dc576bde","size":72157,"data":"","first_seen":"2026-02-26T14:54:53.85247Z","last_seen":"2026-02-26T17:03:57.890663Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/public/proxy2.js","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"172.67.157.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1296781ea2c9cd24e19fe155b42373f2","sha1":"d7ce9dffbb2482bc2f3795cdeaa727d99e49644d","sha256":"de74ac92be5c23abac0e045e3380edf98b53abeb1abc7351e98ec06a71a01359","sha512":"3922435bb5f624625705a335938c57a7addd890b26905e7097bbed9882d0508fd10eacfd3fa32cf5b570deece89987d97773fc9377c68416dc03707c32e4af72","ssdeep":"192:0e/p461ScOtSD3FfjmfO6goK78IANjSLsZPiSLrBEpKYehsKs841+yUV22hhCsrq:l//Sk8fhPVEQGrUFAvRZIgUlM","tlshash":"ce92860e927b6123447334bc978ba146be1150971d0acd847f4ce394bf85b6eb6b27ac","size":19498,"data":"","first_seen":"2025-12-24T22:39:16.372563Z","last_seen":"2026-06-03T04:20:31.901901Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/PromotedProductsWidget-DSoPzSu9.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d25f49c76bf72dfb92284c6c8f2dc43a","sha1":"4733586af980420660c1a628ce020a362106b16e","sha256":"2ac7c3f2e2427cdc73697125a1738aa01a5fe580bbef638ef5212dd8a5294adc","sha512":"d86d81adbadb6bf8b8413a53dd5a04b75efebeca14413a687d0bcff91e54809a670e26d12566633c3048257c0e7577073444220d4b0890e9ffbdf6464d43f84f","ssdeep":"","tlshash":"d2415443d535a2b9f23a5dec264210c43c167d34d5b148a5a0b7bd1e9039826fb92ffc","size":1952,"data":"","first_seen":"2026-02-24T14:23:50.993184Z","last_seen":"2026-02-26T17:03:57.830859Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"87f83aeea14051d9edd97ec3dd41fa0e","sha1":"8649c359a630d1c55eb268ff051d5a284ef7587e","sha256":"38a072ee28e39fadd2153244a3f0a48df473ce7d8dfe16e2f2fcbe5d9cd0bc6f","sha512":"c56e03220951ba738fa2f29bec6d02b1de5ca769f1f41c39ff3f12334b16d0a82db78487c4e4cfcd8fdfaddf4af6b923c725af335346028224efa849bc140eca","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCrGN//h6LiJq:SzP2DZSLi8","tlshash":"37822ba6f149311bc925c750605f2228b33b19a9fa1ece7df2745cf245a8cc2906af3d","size":18392,"data":"","first_seen":"2026-02-19T03:13:10.613764Z","last_seen":"2026-04-15T01:21:42.807167Z","times_seen":8478,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DisabledMarketEvent-h1nKsvD1.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"cafa2204750e6c428d8d41b6352c085d","sha1":"c9a9a7cb6e53b2302271d6843c7be573c05b249c","sha256":"24de6c529bd7bdafa022cf861a72397ca443c76bfa60e98475c9bbaa32d2ecf3","sha512":"1cf092dccfc5de91708958ba521a58df056c8d34bb1b490e1e12418e6775872817a2e9be50f976b8a0de0f97b09043a52096b7df9b425a86c5d4d384a37efc14","ssdeep":"","tlshash":"df415469e3a0fb7d653608dcd33f1a2a740906b1eb650992d07e0c3d1a1814e751ef9d","size":2432,"data":"","first_seen":"2026-02-24T14:23:51.276124Z","last_seen":"2026-02-26T17:03:57.830269Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d21ad1b.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1115e2fca9841903408279b7425f0389","sha1":"caabdc62a38aeee323b94ce629f1c12f260e7353","sha256":"8ae1a405e5dbd536b519694e1557e6b6ef73e4e679da67cf506cf43ff0f36ec1","sha512":"ff0e62573b59fbf6d2315eeb340a8bd798b0ac2a793b849665b46bf06f5fdbc774a27aff3dca3fde1c06b05cb8b5da46433ade1c441be88bbf0de9b2ebf6b9f8","ssdeep":"","tlshash":"d57193a8f195fbf98603e75240ff5322f0347955916ae025fb70caf803d44da6269f1a","size":3572,"data":"","first_seen":"2025-04-29T16:20:56.245573Z","last_seen":"2026-06-07T13:07:36.699952Z","times_seen":478,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/tr/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"25968e8050b03a228b4d547826b098c6","sha1":"b15ac3dce03be69ab8e198afebaf9cf761cf9da4","sha256":"583e20359cfc6a64154b601fc47309be1e57fc2b89434d8a7649445fc66af0fd","sha512":"d2256261787b021c3ef34b69e3509640f04abd03353b7dbea1d8f07211764770e8b0a4a1ea015475e3c326d1fc797d8191b87834550309076754f8b1213dcab0","ssdeep":"","tlshash":"89e0f1e77817486a749f01bd6bb5902431832119640dc922fcfdd4241f60693cc0e88c","size":435,"data":"","first_seen":"2025-12-24T22:39:16.413128Z","last_seen":"2026-05-22T17:22:58.341014Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Firebase-DDwvASrY.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7481cf9dd3ef4629e43999506ee69229","sha1":"ff3e5c0aa6bc24b531b4f638646d49e38d2fe486","sha256":"5dddd0ca4c525657b36e3b4310620f8e3a581c1465be6f5c21c7d32ff6f6200c","sha512":"4f04b6e31a72b4a72c9fba82a07bcb57365c400ced0fc7a49f453812edcf2a3d36da72936d9f2d5f38c08e2ef99d82c5313d827e582591f7f8ecd7f18d29cf59","ssdeep":"1536:V4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Vs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"3883957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","size":84095,"data":"","first_seen":"2026-02-24T14:23:51.31641Z","last_seen":"2026-02-26T17:03:57.82728Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SmartMarketEvent-CIsZCpQX.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f3521a316d53fa50c2e0381363feea63","sha1":"ef6cc843f6317261047300f861007f341b630c5f","sha256":"9a19b1d16ffc3ae168cc81796555a5a30f33875120447d64b6e5bf0d1f1cc0ea","sha512":"cddae7eec47f003557983c216afce6b7c676027eaff33b7433724e29a41398528363ed9be78486b068174c44719c49ed394238ddd2e816b53e04addce34c096b","ssdeep":"","tlshash":"3401d0a6e85172720072ccbcd2109b43961812d3cb710255dddf8aba7bfc86e939df19","size":803,"data":"","first_seen":"2026-02-24T14:23:51.208759Z","last_seen":"2026-02-26T17:03:57.767639Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-BiJIhSTW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"290dcee25f8e870092e0107cb9f53b29","sha1":"d4183bca37682f05060e8d1ce6d7868f860cab86","sha256":"0ef379043ea494139dc0f9b188aeea5e4a27103630a8f5fc565f4ece328dbd3b","sha512":"ebcb68e4da4f4a2a0c0f600e0003a5cf9a682273ffeb2352ed169c1e539a082b0c906ad037c92633945224fe94adcc66992a58eb154ffbdd8f137b841c348f30","ssdeep":"","tlshash":"ae5141c7a042e7f4bfe708e6429b10b074378d5cbe1b84a092be58964958752e36bf4d","size":2923,"data":"","first_seen":"2026-02-24T14:23:51.440572Z","last_seen":"2026-02-26T17:03:57.799137Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7bb7aac0cac89a90304af1c72eb4f50d","sha1":"729f6f8ca5787d89743b0ed7eb27fd76406bf985","sha256":"f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b","sha512":"ed26bf873a3c5b2e48d8b3c955240a46d8f7d7f3c635ab138179b999dbadc77802285879cb1a833f703059762c346066090a9a740bfe881f56d6d95f2dca7f30","ssdeep":"1536:Q/drlyiQh7fh7RqgwkMTyDUV6HeAIDgI9IKQ/d2ffWifiIzQFBSob5/ove:Q/drlyogMVc6FIKV+ZLBSob5l","tlshash":"59546c7a87606deeea94d02d86db374af58c3c0453ed1266b66482cb27f543a33487dc","size":302554,"data":"","first_seen":"2023-04-05T07:49:38Z","last_seen":"2026-06-08T12:51:50.360541Z","times_seen":48804,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/tr/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"932d1c008400401a55681904391c206c","sha1":"7cc9f4d6461805e1878406a830a785ed08d9adbb","sha256":"24cbc4e4b2c15b32036fbb84d653cb480e0818fda8318d2a806d8c3e8666dcdc","sha512":"06be73e2b9709f0164075b7fe30d5f2c03288af4d97b5eac9c0d77cd04b238efe0bf6dd746c6c9063b2f2edd00fa981d58769f76a1439687e7b0582a4d78167c","ssdeep":"","tlshash":"b421d6e238630473061625f7a93fb188b479341e2e0dd821c04fd9a839a9fdf81a3a08","size":1405,"data":"","first_seen":"2026-02-24T14:23:51.476805Z","last_seen":"2026-05-22T17:22:58.331427Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e62o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fabf35169e1e0124051592ae6194dc8b","sha1":"f460cdc1fab203614a504f0dd2cc0d692352edd9","sha256":"96ade7154003acd2f81ef43c06cad1ee1c3706477559821fa91ced2a7848f2c8","sha512":"d84b2ea5058309b4767d9e9c060050ac22de4e7d8e52956669889cf1360632e52b1057e79af2ab9f9a59edf00a2de0fbaab630a394cf5659ee43e0364a8b4f0b","ssdeep":"6144:dAkI3dclXYZfoDbvGPR8JLgoQ99orRUO5N8X1XgyznX6:Xo+lXYZfoP6R81N8l3G","tlshash":"e0a409ce73d674225297f478903f018ba57b64a2b48cc89af189cce42d7469a4277f7c","size":455432,"data":"","first_seen":"2026-02-26T14:54:53.833587Z","last_seen":"2026-02-26T14:54:53.833587Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","size":151,"data":"","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-06-08T12:51:50.307892Z","times_seen":85472,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-nSKS2CxE.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"37c4c49a4145406837780bbb7247a394","sha1":"d86eed76369d32d002b66a497e0af321c35eac41","sha256":"b6c086f2a21e2899b76a9393b869eb8a6703f59eeda23f3d5fd5971673288ea0","sha512":"b9f970a925bd992a373a452ffef7869ebfac3e8770a1587c932a88435d4c2131e18236af156b0aedd5da7a9cb77ea64b0397d783b5898b2efbdea01f249858c4","ssdeep":"6144:YfeL9y0h4R78o8e4YQIALoh6wj9Sd51jjVvFahIRcDGRD6On:YmJy0h4R78o8e4YN/j9e5xahIFROQ","tlshash":"23240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","size":221144,"data":"","first_seen":"2026-02-24T14:23:51.32626Z","last_seen":"2026-02-26T17:03:57.796635Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/userJWE-BFPhdtVH.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"61aca6b0f0e9aa3213323f0d42cf93c3","sha1":"b8b89311099047c5593d07ded4233133a6718801","sha256":"e5a44888979239c112e0fe094fec9a2b04b32f3c381b0b0b9c96ee9a843f7ad3","sha512":"a2f5abf9458a3a50960a852fcd13144ca1e36fe5ae42445706b382ee9d39dd8b291c120f60e6a8b4c5e0fce83b3c25361dfaaf27cb5552ed9555fc94996f9bdc","ssdeep":"","tlshash":"d6c0c0db4cc411f7c5582c441005ed13c7307914a3d8d3519b0cc3fe7a5500bf90ca10","size":193,"data":"","first_seen":"2026-02-24T14:23:50.941413Z","last_seen":"2026-02-26T17:03:57.968001Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/InformativeWidget-BAwOKhPq.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bfe68e52383a846bcc852d13693ec99a","sha1":"bc0a69a7ab99db5d5e825560d41045567132c9ef","sha256":"ad6a0e54fb28450de78b863bf168d8664be8ae14ffd118032cc0dbb0aaf41642","sha512":"bbbe591918823d2e09b2fb24ebed7a12934e6d15f40e2f5ffedbf4eeeb766157ebf3346da3b0bc7421b552d4376106ca98b5184aa01a99e89893473d5889a48a","ssdeep":"","tlshash":"ca117947f550d5bdf0354dc44616d0946d212dd4df39d4e998f57008a83410bb6db7ad","size":1087,"data":"","first_seen":"2026-02-24T14:23:50.926006Z","last_seen":"2026-02-26T17:03:57.765598Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2b96460440b1358a43a511913fcc46a","sha1":"815bc669e0c05413dd3618b44e995de5200098b8","sha256":"6a86bcf9466e23eb5dd702ffae4b53f730cde0c3a160ccfff8afca7169cd7c98","sha512":"64c88dfbdb85e2b328f8e690a4829accddbc943dfe479a4210ddf28c872f5fccedd46f23c525e2653f27d6e3d24aefaac7d9500f8027c0f08ab2be0abbe58d13","ssdeep":"768:HQzjpSkGROiRfEu8T3eSwKo2hWN0Kh4yPaw6ANGp2u+A47WFfVVoO4kC:wHpSbROiVJ88hawKV+A47OVo2C","tlshash":"4773b88db1d2badd4de32021535b3604f23b1974542bd484f7acedd52a28b0be227b6d","size":75107,"data":"","first_seen":"2026-02-12T21:09:52.719393Z","last_seen":"2026-04-14T09:08:05.884309Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoGame-9WoCdzkb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"9394597a4dd6f86f5e43d734a073d194","sha1":"de0ffbb62bf980a6a7693d17001195f0ca02500d","sha256":"3d3c7b4dbc38c7c892cd346771c606bfbcc9ccf8d621bc8f4396ac7eb76a7227","sha512":"9c17ba1fbc81d094106907fd547a69faf5febd87bc4c795dad206094a9d355c27d89cdba231a68f340c25d1bd1821343fedce2a70308c9ceb3aa63883383a323","ssdeep":"96:jx1BM8Xcl/jL5p8u+m+9Z87/ORx2CZZ9Lm7nxT+xmZ97vaycesDa+e:V1BMJl/jPIm+k7jKq7nxKx005e","tlshash":"f7c18504e014efbdb8360cca986f202978191fa2de198565f47da839367c11db627bdf","size":5905,"data":"","first_seen":"2026-02-24T14:23:51.033613Z","last_seen":"2026-02-26T17:03:57.889854Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/getLiveGameAdditionalInfo-wT1MfhKJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8bb6d48e0059b4a0993ea7f2f68ad297","sha1":"ac68453f12a4713e30b7fe85e424dbbb266ffb70","sha256":"7f7d09c366f8afbb43e1439ce81afcdaf76f9f8d9aab83a3338c7b13e18e944f","sha512":"ff5ff2ccf22ad1c8f7d89b02340c0352025c54b019538a2633b759e620a36526188ed63dfc4dbecccdff53d6f723d2814e679da801fa29843fabb2e223625c19","ssdeep":"","tlshash":"aa2144b2606e92bbe5c94d945ab01b31e2b5ba05380445ccbb3cc9191877480a7e203a","size":1150,"data":"","first_seen":"2026-02-24T14:23:51.176176Z","last_seen":"2026-02-26T17:03:57.783484Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/AppSettingsButton-B9Bfk5lt.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"11b72d538039debad23018d55f70656a","sha1":"437b032ac4fa6f1f4a8404b53fbaeb8ef015a729","sha256":"c4f26646d48d997669963b81485af4a66a84c589c5005fa9aac7e81ce4151bd9","sha512":"a558a63166c1c05cd1f781fbe1e412559881d4e502a5768961783da4cedf90ccdb34d072f0921cc027c35bdc157f9fca17973d2e5617b1eae1ffcf1e7ec37c79","ssdeep":"","tlshash":"aae0c08b90c2d3fa03d27fd1c51fc2057e1bac78d394da4180fd90617ab4182d55e66b","size":385,"data":"","first_seen":"2026-02-24T14:23:50.9912Z","last_seen":"2026-02-26T17:03:57.902053Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/bookingBet-BkIiazay.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ff9453e086df71df36b0074794be5555","sha1":"26e004575c1a346c510ae5be3a2545489c7e5f90","sha256":"5d233e99dd55cbd6c4a6acd81c566dee1cb146166fc41726489d64c6b6a5ed0a","sha512":"309c579276d7680b59861354b688536af34279823f9396e3c5f122059ac7c50ea0b93cf70bf48989a7bf66a9915f7ddf366e722d109c72137e49752c1e6f92a9","ssdeep":"","tlshash":"2a71e664fd2090be67f2317df4de7b426b2c4ba871a19a40fb6b9d0841848cbb534638","size":3796,"data":"","first_seen":"2026-02-24T14:23:51.288648Z","last_seen":"2026-02-26T17:03:57.896099Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=492254","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"609f8e6887e1889e72c4e96fbc3e3d39","sha1":"1a137f4ece5f1fcbdd412cbfe382d4d3af7b5fde","sha256":"c1fad91dd5a74216ffa996be3df2737e4d30239784d7e34b004b713b7a569dd3","sha512":"c991d488a6d36de33254d5ea509320fdebb96f9bbdbac34bfc624dda5d1cf3fa3665b1ec7f02b5d51affe3e534e03d4c75a70c9a3181effc79c4a88ffc4b35f5","ssdeep":"24576:5iHlTFInH0lTghey0pZOrBQL89IQn9AZNnHF9G+lTlsREuIA:MlJInH0lchey0bOrBQLAIQn90nHF9G+m","tlshash":"50157d9072567434c3b795b160be050db23c5b027806c698f2bc99ea1fd789662bbf7c","size":953208,"data":"","first_seen":"2026-02-24T14:18:16.990938Z","last_seen":"2026-03-02T21:59:07.354611Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__config.js?v=1772117448018","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e7261456f5abea81d7523bd45bf9c08","sha1":"c769a950ab481ed64288bab6f998bbbae1d52cc4","sha256":"5128a0dec3d3e8442b757502e33a2adc2225b1cb5e29887fca5ddc391e6b4830","sha512":"c548c96bdea284ab95c4229dcffdc54677f58cd80542f91eeeeff524dc54aef0d45c34275a89612918895cf6a5c559f23c262c2d243ec388503615af2248512c","ssdeep":"","tlshash":"58e06820ed50087203256426541a1603391ac1cf0a0dbd0632e0186c9f8527f8db39ba","size":361,"data":"","first_seen":"2026-01-26T08:13:17.653624Z","last_seen":"2026-04-26T13:53:22.515958Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/lodash-BtsIEKKa.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"5bc7777b8892642f23cd66c6e8d340d5","sha1":"95ebe4b13c3fed94f7028355dc49e2d6ce00388e","sha256":"b63e578e7a1623b8704017a97c4c4a2fc9893e75cacb4036d7a44e0c4130d890","sha512":"7055ad31472662e8b5c146095854ace0e9c9ba9da557bc6fdb31cf77082a158465dd5eb9144c3c16209bf8feb546b15556aaa0449a60365430434c01913f7031","ssdeep":"1536:KR0fO7acP1TyOF/Lkj1hvbm5889266e0YRbIfY47ePu3nVd7oa+i5DnIp6EvIjLv:KScPuV/87IQ4Xn6sjLeN551tQr9M/q","tlshash":"74f3a0c835d3f4a283a7287440bf084bf23dad65a84cc554e1aae0dd7db8919c277e6d","size":165432,"data":"","first_seen":"2026-02-24T14:23:50.996294Z","last_seen":"2026-02-26T17:03:57.824337Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-Dm17uEDJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa15a3716deb2c818e694c29f82d9757","sha1":"fbbe307e85357f8404e2555b2896f8aac7ebeaa0","sha256":"ac64b215d95dcc20f5fe3ecfa23ec65abb79d2af76139a4732edcd39445f136a","sha512":"aef0c5357b1438cbce28bdc72147cfd65e40f6e5b5a8f58287e51fce6cff4ccb171914d2df874a0c9f071688833922353ee747fc13e6faa4bfd38a1a25e8b10b","ssdeep":"24576:cWVkHIx9sL4CFLHodjJhtBPZ2d0gPGYZYqjmsKmZiKif3ikAXEt70VDbyzWiQnu+:VVkHIx9sL4CFLHcjJhtBPZ2dPPGYFjm8","tlshash":"d1358e85b155b97997b709e560af0102b1381e04f40dc8a0f17cddad29bd849a2bbffe","size":1136380,"data":"","first_seen":"2026-02-24T14:23:51.478462Z","last_seen":"2026-02-26T17:03:57.990061Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b057293b718ae7060a9acc593ff83f67","sha1":"991ec4ae783d59b4ae91113a0ecb5e6b21d19d45","sha256":"39d3bf235a12d663f4c2564a4d0311e4c902370219bdf1c4b81d2d1698dae888","sha512":"61865e60d018bd21ca9c737aeb975e8f52b0d0fa74128720cd03fb59f7766362efc8d84b06def39558f302b15d1bb39e44dde7cf0a840d62cdcaec6932df4f52","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJQMoZmVodXsJ5Ar6VKkOPmx/:FGABPVhO5wdKJCMo4VJ5Ar6kOx/","tlshash":"11644bc8f183b0b606e7a1a5009f5207737a151968ed8498f574dee968e8e5c633bf3c","size":324696,"data":"","first_seen":"2026-02-19T03:13:10.628072Z","last_seen":"2026-04-21T03:41:36.073067Z","times_seen":12668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-yvd_ZnLz.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1fba2e1c245c140f4c56b555946eb95d","sha1":"e15437ad7685e61f87289d14a4c8b6c509e737e6","sha256":"e2fc3b5224d0d5e9cf9b6055ec32b340db14dac24312e4652c31eea4484784f8","sha512":"1c97606c460c23d83456ecc27d5ea0e862e10ca933a194daefa3f4c75c665b128639821faccceed7bcec42921a1ec987579acd0f0894019b9ec4dcba59eba281","ssdeep":"3072:m1waIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:MwhFHU4HNwFH7MoOWexZFHV","tlshash":"bff34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","size":157556,"data":"","first_seen":"2026-02-24T14:23:51.093868Z","last_seen":"2026-02-26T17:03:57.73553Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e24344281a7fbd4a9713273199c71772","sha1":"31949c747aacdd74360d42c5bdef538b9b1b1ef7","sha256":"cd4bbd4ac6d8c15d2e0161bbf733762f872971bef3f330f61722203fb0709294","sha512":"55516c7b75aac53acd092be82e3812ca3ed64b29355dce7d9867795b332110debbee7d5f7a536b5d6e1df37f4ac737357bf55bc82e733d0934768b6de87b77ec","ssdeep":"192:DjWt/Fh/fNHPEwDG3Qo62p7c0mhcMO/b2wL4Ula2yjRC:vKtHP4Qozp7cjhAI2CY","tlshash":"36f1ea0ae010fa7de63b49e7753f6104f47a06d4e7150890d0be6e2919e5246733ef8b","size":7906,"data":"","first_seen":"2026-02-24T14:23:50.903051Z","last_seen":"2026-02-26T17:03:57.839197Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"497770a2ab62f2aa5e9a92139301634d","sha1":"49c10647ffe35e24f84f743006f162ff0fe16399","sha256":"0663d282ac18b3e9d3e81725926a5310e5cae5e6954873f09b7ee193136fb5e4","sha512":"94a5141ed28656c5873a486aebfdda52790c8517426987bf905bf3c44163a25932ab17ac498215ddbea8e0e9887a8dabe6ed80acc950c993bdc61ecf977724b9","ssdeep":"","tlshash":"06a001b2053584208e6299509553bac4e187605dfd81819470265a89f3e15e7d144940","size":72,"data":"","first_seen":"2023-03-07T01:11:36Z","last_seen":"2026-06-08T13:11:11.653834Z","times_seen":25037,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FastTrackTracking-BNZErIta.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1861326333be5ba0826cb14fc624519d","sha1":"203f8b49b38a20a34c025ee2bb55b976493a73ef","sha256":"51bf4e13eb7ae22577f81b7802fe6f66aba230e326f393a6593af81d306e496c","sha512":"8b7e06061c38400895b375cbece5a404410a986df6ad8dab6b4625d6bee1d6de78743cf69dc89fef75ca29971ab2b267bbefcfb468156737f1cd3b6e4fac0edb","ssdeep":"","tlshash":"1721530f80d443b478804d8da3dba261993e9975711ec4e1f07a0bad3f0ca66839ac97","size":1322,"data":"","first_seen":"2026-02-24T14:23:50.96774Z","last_seen":"2026-02-26T17:03:57.835165Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/HorizontalNavigationListItem-D8usqGBs.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2ee91c2a746e670fa0395e2402ebb652","sha1":"5b074a326d8263e052af7932050c4dd696f95dd6","sha256":"6bed6f8c738e862641eb57d60efd2be604d705024d3576fb68a1f6cc491e62f0","sha512":"15a2d3022a25b216582a549dda022b4de3fc8eecd4d2e519a047d4ff7abf1e3ea3767850c513f5cc800e846c071b7263da71e4dca1a299a8754660a8227a0291","ssdeep":"","tlshash":"f001c001e014dbbc9a2745ccab8d1089b5479afedf782ce190f4e12109794593a86f8e","size":729,"data":"","first_seen":"2026-02-24T14:23:51.015813Z","last_seen":"2026-02-26T17:03:57.886757Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c2b6b27426735861f41251ff23ef3ce","sha1":"1a16b24b925212b7dc04bf4e3548a04039c65070","sha256":"acddfa288d326d9ef4d00bbd398e516a00c3637fe167fb83ed0a605a915ff4d0","sha512":"e7a6c6492054970e68a61eb0a2ab4513a95874df5d2b97008050b9792e7b1624382088d35c48e0551398c90a34388c62928d8a63d116b35e4735b8c06e23bad3","ssdeep":"","tlshash":"f251448e65b1b2b327ab20e48f8b3055603b9657100ee551f5dc4b44bfc224ed3679ed","size":2698,"data":"","first_seen":"2026-02-26T14:54:53.926766Z","last_seen":"2026-02-26T17:03:58.004771Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/if-defined-CWaLTnLW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","size":53241,"data":"","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-06-06T21:30:11.633829Z","times_seen":639,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9c74fdfb9e5a74ebd6a40874d59f09e","sha1":"ea2993749891f4acd6ec817c2b7e543863bd3a6a","sha256":"bdfca645f493e6d1b5fc8fc135b986e6412413d80d764007c65aeb258abcbcdb","sha512":"75ec153ca1d34ab5fc39ed822e85ae9ad198813cf6947803d010b12a4802ace30fe5078ca669a875115285e13c4561d7d5da396c6531089ff099373746d929e3","ssdeep":"","tlshash":"c8818617e01ab3fcd8dc04a3502f910a2b7e0abdd75605e4d06e08240abc85af25db8a","size":4061,"data":"","first_seen":"2026-02-24T14:23:51.150408Z","last_seen":"2026-02-26T17:03:57.723683Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-MCEY36CK22","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5589c0925b5e327da2a98b989e3b3669","sha1":"111f7c51fae10067725ce146da741ea6907a5306","sha256":"0baa4170e560f3d60c69c4f581d1b39cfea58995fb231643fe90808f5bde551f","sha512":"b3b9b8588c2851c86f5c57eba7cec1acc19856de2c9865640197a42d3464ec87bbadfe8995c09c0a52ab1c0d4cc1200fc358c988513832d8360f1493acb841c0","ssdeep":"6144:vMakI3dclXYZfoDbvGPR8JLgoQ99orRUO5N8X1XgyznX6:v8o+lXYZfoP6R81N8l3G","tlshash":"bca409ce73d674225297f478903f018ba57b24a2b48cc89af189cce42d7469a4277f7d","size":455510,"data":"","first_seen":"2026-02-26T14:54:53.810931Z","last_seen":"2026-02-26T14:54:53.810931Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/LiveChatAdviser-0F1bzkHq.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac763154c645295c6b3cd9919c57569a","sha1":"ec6c1ebe026ff72a7b1588ff08ac5acb27f35609","sha256":"c7bab1e70362eaef1eda0b1acecc8ad6cfc72706f66f8ef2189f406be6cde7aa","sha512":"7378011e2960c6cbd8d4b05aebfd3ef1d71a399eb5bffb8b8693169d96d3af88bc41ceef1f5dda4e8effcd4c46c5e8a2d8face17a9a2bf31d5a3dd2f48a425e8","ssdeep":"","tlshash":"f211ef96f082e3fd66a7184dd69a6047600a4ea4d27d0db6807b15641a6ce0ae20eed4","size":862,"data":"","first_seen":"2026-02-24T14:23:51.27206Z","last_seen":"2026-02-26T17:03:57.833077Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index.es-B9MYE6-3.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a71206a48931c8ca241fd0483be9917b","sha1":"59e384af328bcbe0c7ce52526799e2b0f111cfb4","sha256":"4fc8231f3b89b71260c8ee9fd5a048df864e54f3e54f968fa3bf7f795c8d73dc","sha512":"e35fd45c940d6d6898583f6f9a0582034184f1a392fa74f9fe38e9be216d64c27db00d61de5e9d2dfa06c8a137f911000103f9bc2e4452a39be41745f27501e3","ssdeep":"3072:fzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UGh:fz77jdU/7sJJMcvYisoljSFN1Nd6UGh","tlshash":"3b54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","size":295236,"data":"","first_seen":"2026-02-24T14:23:51.310714Z","last_seen":"2026-02-26T17:03:57.86364Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FavoriteGamesButton-CMayIdHJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"272697ecc5d859b61a93b0b0508d2361","sha1":"0a0782ab4013707f27c3542fad98a4275be02566","sha256":"c28bf4ed911a1e3d95ee88f0294ca02d9018275938aa0d5ce62559f21ce18d54","sha512":"5359a5b24b62b4ee9bfbe3fdef282c4e44b9ccf8b2ca3dfb73138287b4bc2abfb1f94f0daa37c4e8ceda755456e63bbfb771a5f8e884683a664fc97e17151f1f","ssdeep":"","tlshash":"04e0ab0be4c9e2fa2b826b911607c1282c2be4bce7a8e19050de04643d35597c81e96f","size":427,"data":"","first_seen":"2026-02-24T14:23:51.182796Z","last_seen":"2026-02-26T17:03:57.838455Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoJackpot-DoBzeOXX.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"fce9b3cfd468eed48d05649525ff5ed8","sha1":"ddc37fa9206ff7f24c93a15071c5ccaf3c4a37df","sha256":"954d2d5703bea36e3674bc3c5ff566b97db4ada799205a18ea5f83d0baa9d458","sha512":"6570def11e173fb4563ee7a075ce4a1399ffa3b9477e08c1a3102b8e78091fc7e926575fda1e152fd436cae5999b5a77d6b6484d6ed5c93084dcc6e02c63a171","ssdeep":"","tlshash":"b1110087e01bf3f4c8dc58e540a5955f0b2e2f7af72081d0545c4b385a25857f56c7c2","size":890,"data":"","first_seen":"2026-02-24T14:23:51.364102Z","last_seen":"2026-02-26T17:03:57.805473Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"5ad006c28e2ad479ed4a22983ecbdd1c","sha1":"3be0573a0c07a77c4a3b35a96236dcfa5de28f58","sha256":"4396a4f76c8c74c6bdbc07b0921b47eabf48b9a2d021af14d245c1446691b0e1","sha512":"cfae106b06d67e5d7d1550ee60be13c8da09d257f32f2c29208c398f300da535ddda45bf130e42b6d43d274c78fe2db024d37bcc745277d270e4755639c4f347","ssdeep":"","tlshash":"37700008ac882020002a3020020b000800a2800020022280002088808e32c2a200ac08","size":22,"data":"","first_seen":"2026-02-26T08:01:34.978653Z","last_seen":"2026-02-28T07:59:07.884268Z","times_seen":2131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GoogleAnalyticsTracking-DmBvxHyZ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8cd4ae15064f7954689f3a7849a73b53","sha1":"fb7422dc654ef8bb8c8bc1b5427a557d164b7f0f","sha256":"243564d221706adbe127ee98e3bceb0859347bb88ebafd4c342e67e1d1609b6b","sha512":"546ce01ea7b40447f0a0ae6bc1b4eebcb7d349bde18015cbc22a079eaa3d219a0f4585413a77ddd79127711a864164951fa124040f10b930ca774a14f9b368d5","ssdeep":"192:bfWWYceR0SE+m/CTb3bHXCT76hoxGE0VK7D6L7kBNrnPWh52Lz2PM7mBE:jLYcoE/CzCIEP3Byy2PdBE","tlshash":"1152b55c32adb0b682df6054487f720bf1755910a458f480a265edf46ef8caf026bf36","size":13704,"data":"","first_seen":"2026-02-24T14:23:51.075102Z","last_seen":"2026-02-26T17:03:57.730432Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/ButtonWithAction-CMXROGdJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bf13c23ae777d4ece9a23dfcef5f8289","sha1":"7978978fc78a9e74c7ecb60046979c7ec32a8ee8","sha256":"19d6a58feecc49b55a1436e210bd8ca17e7780ef68dc2a3ca293af206cf4e296","sha512":"4c2c9eb3a48494f7983f30743d92ed973b84bffe515172c826831ebfa850de894088e30b0a294a845ba0ffb278d2853b40a5035198d4925c83482e2a33a3dc11","ssdeep":"","tlshash":"67d0950f98c1d2f503c1ff90512bc1112e16ada0f7e4c551c08d54543e3165ac42e637","size":267,"data":"","first_seen":"2026-02-24T14:23:51.062944Z","last_seen":"2026-02-26T17:03:57.797516Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.19.183.147","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"605796d2586f90f5518f97f1950f507e","sha1":"2f68e81739c8292c08e8cdf5b409a7c2b4e9b7fc","sha256":"c6229d999bd7bd135063a4d50f4d4155b1e459e092393c4a09281593d0ba7c67","sha512":"3a07e4dbee1ca3a1c7cf6b5785dd67c3b08eed498c3fdc234f9bf938d0698731de4d346e301f1e255f1cb0d86aa738301064ee7414a5b6c97ba790ea90bdcaad","ssdeep":"1536:E5hboeri/BevgjTcAhWeypynDx4Wwwpw84Io6eFlIUYo88:Evboeu/kYHyp0DPheF4o9","tlshash":"52a34ada7282b03453f786e7a17fa212b3392818340d8420f17cdd6a395a9c79177f6e","size":100997,"data":"","first_seen":"2026-02-26T14:54:53.907349Z","last_seen":"2026-02-27T08:53:00.751906Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"27be172aa56102590529acc80a004268","sha1":"fd8f63d7ec48636e76cca1afa5a1265db958254b","sha256":"d11c5a4ee39c0bcbffc77b2370c879f436488d42040d3654f907afe16df23d68","sha512":"b0f0398119cbcbb7b45bcce4f0dabc5e2a26b48fac04600802e4fdfee7d4fe74df739fab96d9d9c3c9e2cc0bfb358828044e514a9c57dcff2e2e68f2581ff9e9","ssdeep":"","tlshash":"8c81dc99e0b726750363b43b27bba1013b22a5576890f9843a1f47c41fd602971bbef7","size":4028,"data":"","first_seen":"2026-01-26T08:13:17.75387Z","last_seen":"2026-04-26T13:53:22.611209Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-B7VgD98L.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f3e977cdfcddfa67de40c9532207a4e9","sha1":"fd3b3e40e28ca1784c3830af9517c4964150d9e7","sha256":"ed155181d21e63fe4f536feee6db5319acce059ebcb51d535fda3eac10ee81a2","sha512":"eaf67df8e9b0cc8ea960822bf3065c8e42c3a75184e741550897ea4b7fb58390ee0b877e9e1e73aae3723aea8e9fa825e3a27a88531e74a5c15d18d931310bc5","ssdeep":"384:3Mci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJs:3Mci408FFnJrIjE3D/OY2E0xqpc1NKkR","tlshash":"82820ad0e2b4f7a642e86add80392074f2218c28347dd0f1b6b6edd974664cac56dd37","size":18027,"data":"","first_seen":"2026-02-24T14:23:51.416772Z","last_seen":"2026-02-26T17:03:57.901098Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/tr/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3166d5139ebca4976a7df164026ff20d","sha1":"d7405b66cf00d1db4dc3140d6b1c63bca60fe4a0","sha256":"b297727d234af0837389b8bcaa1e72f4d0b62cfc126a4b9bb76201c5a52755ad","sha512":"ae0db71fd045eb0b103fd15902be9eb9a72763fc8494c7eec08ec13288bb0a46f320674f46a6467ba33f3869d3c388f15a83342bbf86aa38ef1810ed930d046c","ssdeep":"","tlshash":"4390024d71877261454126ed546a1016d3354480561c0113a7010081389814e42a5b8e","size":52,"data":"","first_seen":"2025-08-01T02:35:18.735752Z","last_seen":"2026-05-22T17:22:58.325768Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","size":82913,"data":"","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-06-08T12:51:50.312897Z","times_seen":58959,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/StatisticsOnHoverContainer-BsM17Aei.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49787840fdb8d4df9761ec97f3432d15","sha1":"909f1cc9fab91b7aed0753f53218806eb5be34b4","sha256":"ad4dd40765aa61a8a852c0607b3c0bd802989ee4b7f3e686e8ede8adb6324907","sha512":"50cd1ee26d9cf314e8da57339139d5e00840fb7583f3dc1012b0e1ce38c787ecbbdf490fa8aaa6d3dfc693cf1fac77ce8940a95e394900b379e4e1183409c9c4","ssdeep":"192:sn2zkXAsarXDxLwxGEE0D9AOgzm6j/e0R:sBParTxLwxGEphAdzm6j2q","tlshash":"1512626c118e5f69f41a8240b5202e39bb3a7877958d66f87ebc441fd3ce444bb9cb18","size":9780,"data":"","first_seen":"2026-02-24T14:23:51.34682Z","last_seen":"2026-02-26T17:03:57.950488Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GameSuggestedEventsWidget-C1YjPNkk.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"43787a45f5cfe74078cbc565e4521f6d","sha1":"3acd5a9c1111d8edd8650289999c4d104689e633","sha256":"cd5da6dea240ba73bfe9cc022b7d9453583f2101b409e94833a3aae12cec1a1f","sha512":"090bda22324787190a13f5acbea2eceaad19784af2d260ac172a2927898e787ecdfacf87d12a74f6ab5fbf3b8b2cd2e18a9d8c970aec4dba4dbd4c7e5eb443aa","ssdeep":"","tlshash":"7071e74ae010aa39a13740d82bef3219153632b4b94353c1b63fca7123f55926b5bbdf","size":3726,"data":"","first_seen":"2026-02-24T14:23:51.248389Z","last_seen":"2026-02-26T17:03:57.756743Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/AiPromotedGamesWidget-DayfNQl4.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f60b4a6a3477a15b6c0c4006e622406d","sha1":"52903e538502c20f1b9d4963f5a86007e6b79680","sha256":"7c30e8e112ab68408fd5c004a111993bbda00f5a3821108446d5d76399194cf8","sha512":"353db56b85039292e147537b1f6459435e89d1dd703016ae61743e67f912dfb38f99ac4831eb046f76900da23ce941ea8af8d18c6ae53710ad86927f7af9fc85","ssdeep":"","tlshash":"f1415f2fb01dc97cf36c0aa48294b74a98127bb8d619e0e8b6ef4a11776409d637db41","size":1968,"data":"","first_seen":"2026-02-24T14:23:51.298658Z","last_seen":"2026-02-26T17:03:57.793021Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/tr-DNMx9v2O.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1fd777bf8093133bb5a1287bbc2b7a38","sha1":"e7dff7de238b28c10ee258a42fdbcf4c836129c1","sha256":"f3d64453462e4b3cab922024e5433aec52a85ebc8ebe805bea754142a074d3bf","sha512":"0101e21f6937710e2cb6d7a2a8a3c486e1f5551d293e734b62f283fb4651091180358049a6e655e0e2d63048a7a40c5c2dc71b78f41ab1286d2827a266e91707","ssdeep":"","tlshash":"2431624d2906eab2870159878c2f5f44f80d6a087136f5659be4d461ba709ee807eb3e","size":1459,"data":"","first_seen":"2026-02-24T14:23:51.318307Z","last_seen":"2026-02-26T17:03:57.781582Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/InternalDataspotTracking-DB2Ht68F.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"28d8d80edd5ad66eefb0fc684755c355","sha1":"ee7ce398f30728ac54a405da4ab117bcc5a693e9","sha256":"2e8b31d05474087678a43335a1ae8e9257fe9a1a690b7d7fbe36e74c4d12c5f2","sha512":"c7a4ae165f4e0f5bf2b1331d3881ef08b3940022b8a5a9319657b7ede16edfdb12b37f16020ee2bb3ba6f2e1e7a7ee9064c197d5c51b121be530edba74832e5a","ssdeep":"","tlshash":"f681741fd83c08b070a0cad9583bc957857d3cc9a590d8f06037de6a660fe09d6f1a9b","size":3942,"data":"","first_seen":"2026-02-24T14:23:51.294039Z","last_seen":"2026-02-26T17:03:57.827934Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DepositCountTracking-De1I4Mce.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2045707223a5f38768732a2b5bbd3ba2","sha1":"d5243003260f5bc1b15ebd2265ea7c8e7d94cfda","sha256":"7c77670e6513887e7a5d0931da2f6cd0c40820dc4f6a04f9dbc342ffbb83901f","sha512":"4369d6ce9fb4b1abb3b82c1679590f2293e7953da296dc18c75043818c4245e43e04df6f825843431822700cc874e547399839227d5630bffebe1da8bb36e106","ssdeep":"","tlshash":"6ff0dd576878e2f58a892a8472c6a8a367f0a55cb956c8c381bd8d4a0208002e4dcd1b","size":645,"data":"","first_seen":"2026-02-24T14:23:51.429292Z","last_seen":"2026-02-26T17:03:57.814227Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","size":5504,"data":"","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-06-08T12:51:50.363804Z","times_seen":36086,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/JackpotPoolDetailsItem-DOBnH8RK.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"3889e481ab1adf9f96a132846c0801d3","sha1":"d2dde6ac4f88e9697531b6b3a86d0638280a16b5","sha256":"64d0d773fcd389193d64f215cd0bc6f25d7bccef8282d0fcd309aa7298595108","sha512":"b4e0162884cabb644a2fdd77844e44fecf63b090206b2739478fe152ec719ea2cbe19be56520249c097335a5951319d25dfcb62c62c23c3f400b083fd9578f0c","ssdeep":"384:xm6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKxV6baPFFWB:xmB7CEGOpyts/UofB","tlshash":"5a524c05f012f7edbca954f7487ee0687a5e1aa9c71808acd1bd6c313d2c455760bbac","size":14339,"data":"","first_seen":"2026-02-24T14:23:51.244561Z","last_seen":"2026-02-26T17:03:57.821746Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api.js?render=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"efb36ea213c503be7335c4a384a422c9","sha1":"ebe0551c40e4f788ef7c8f4c1a71555d3ef3c630","sha256":"ec2aa95ab136705fc63d35438499ad8c86af1f1a48d3e8d34936d29f72745bf7","sha512":"957665016446d19c9f132b76b4b47ec4c06f88acf70c972d649344d99600865c01f79769cf98b3806545b9d32152a803e303a4b299a3ab5b0b3d4d31df06e5cf","ssdeep":"","tlshash":"aa111fb21708a0394b321de1a2ffd7b5e482701cf15845e8a512ead82f7edd7ce05945","size":1054,"data":"","first_seen":"2026-02-26T14:54:53.747705Z","last_seen":"2026-02-27T17:06:15.668461Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SystemBetCalculatorContainer-BmSNbe1d.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"690145235a675d77bd5d22c88fdecc1e","sha1":"0ba668de57532a99d49e9ab401763fe88bed3fb7","sha256":"de4489e163ab1a989441ebac43016178c8c04ab7a9915ca5bd58da750b0c8caf","sha512":"e788679931673924ed51a6cf036cf5edfce7f1c8f4d6c13f36176b4400cc89b91e51b0355acd38c7706775f1569c52f84f6f21a06bb9369eeca5ea85a3957593","ssdeep":"","tlshash":"a1119c539718ce75848a0f660945a0541db54618a918f668b6e58c3cf51408387fffbb","size":888,"data":"","first_seen":"2026-02-24T14:23:51.314888Z","last_seen":"2026-02-26T17:03:57.912547Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useNotificationsProvider-BxGEeL4T.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2d9d5bd0509144a8bc2d18c111af42af","sha1":"ad47bfab28e65d8364ad194fbad23ae5e79a16de","sha256":"2546dc615d6b471b0a8c83a0f9b156a345134b4484caf6574eb58c5954ba9100","sha512":"b5cde42dac7ae4b2a865530dfc69039ee3efe535764378d517e156747a03a735449ca23f15fe699894692ffcdeba8bd13ef0f84fb297d1605496ddb7f0a13144","ssdeep":"","tlshash":"c3b01213884013f061010cdc11149c294f31483c3381cbb05034811c11e80858b0e901","size":92,"data":"","first_seen":"2026-02-24T14:23:51.043147Z","last_seen":"2026-02-26T17:03:57.849061Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useSportData-Bwuajn-p.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"da8f7ebf8b11b7005cd6e2488d88fb68","sha1":"36f2cd8da9158b773280eebc9987d32bf40093ff","sha256":"a340fec9a35e98a62e30244c2de49edb6f7fe419bc358d2bdbf9ad2a803fc402","sha512":"027e8c487e0492b3be650de855b445a67fe1101ba9ab23a8e9603447b1f4f50e7b6173f5ef6b8619d39871b0bbcb37d0d8c2c6a8f152c64f955309d8ea16d5d9","ssdeep":"","tlshash":"1e31874c9164b070953948d6e0ad7a14d43415193b33eee2d85c0a297f6364a027ed7f","size":1770,"data":"","first_seen":"2026-02-25T02:34:32.60807Z","last_seen":"2026-02-26T17:03:57.798311Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/tr/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3166d5139ebca4976a7df164026ff20d","sha1":"d7405b66cf00d1db4dc3140d6b1c63bca60fe4a0","sha256":"b297727d234af0837389b8bcaa1e72f4d0b62cfc126a4b9bb76201c5a52755ad","sha512":"ae0db71fd045eb0b103fd15902be9eb9a72763fc8494c7eec08ec13288bb0a46f320674f46a6467ba33f3869d3c388f15a83342bbf86aa38ef1810ed930d046c","ssdeep":"","tlshash":"4390024d71877261454126ed546a1016d3354480561c0113a7010081389814e42a5b8e","size":52,"data":"","first_seen":"2025-08-01T02:35:18.735752Z","last_seen":"2026-05-22T17:22:58.325768Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/tr/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ab5194607d8db08f9abe85264322389","sha1":"105aa6a7c0d330d097cc7c9f6989d8223f23adf1","sha256":"3728c769109ca09c38155c787c6e13da31835fc34bfc842f7415f3d3eca691c2","sha512":"c48df33aa42a930e98ce83dcaf1dc59293d777ed22f746eb7ea8e299fe1622aec1f07ee914f18decfd1b998bcb691f84f58a5219a5e5ec1c230f9db6a331de8d","ssdeep":"","tlshash":"6ae0a31d1c1eb46227b419a8e237895530d5130529462655cb87d4543971cc554c6a4c","size":423,"data":"","first_seen":"2025-12-24T22:39:16.410899Z","last_seen":"2026-05-22T17:22:58.329852Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/withPanelButton-h06qeZmb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"dc9a073bc116168bb1ccb3db6362b167","sha1":"2d604eb5defb9d3de829082b95ffdb14f52dd2d2","sha256":"b2a956b6195a69a32dceb99f54f6ed7835b54ec4a5c855ca7bdedd26536e97b1","sha512":"05c7a6f302c209e94029ef151d80b3ee05d9d20e6398ec5a3515584fe9bdab6cc7a305803e23110d3233ef57f2925ace9d82d67f74be4b530563b2f9a809fa8b","ssdeep":"","tlshash":"5311fce5f584a9b2e0c41188577b2cb6759a32c9dce114d031b6c8ea5fa80489a1e9ae","size":1089,"data":"","first_seen":"2026-02-24T14:23:50.979064Z","last_seen":"2026-02-26T17:03:57.873198Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0aef27.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"89134e892271c99e4be394e757691c0c","sha1":"7e8e00a94406382ad3006aaffb6ba522a7172077","sha256":"d09d7f32db5774ee049fdd2fce086b87d897c6893753091886a8706e9747c9cc","sha512":"df656841a2fd8daa388e0345bb36bda46f568cb5b7f05cf9b10673227ba36da20c35d3fac4f96edc411475e93805cddbd8f85c545cc1d7c41aebbfcb9712f089","ssdeep":"192:0H9MawRIU9HkKRU0Ve20lqXvtsTBkpfCNmeAhbKqxK4ILZvUZaUZSsgM:Kwb9HkS316xAFKpLZEh","tlshash":"6632a3c6e8c7b9564227160451efe128f73f2a94771adc18f0a895f34a948c3507bfba","size":11888,"data":"","first_seen":"2026-02-19T03:13:10.639989Z","last_seen":"2026-04-15T01:21:42.639775Z","times_seen":6484,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e62b669f80928b5dac9ece193256095","sha1":"a04e0c32df6e15dd5621258cdab16ca08361d27a","sha256":"cd306f0e4ea334dc0a9ab35e3e6c3c73a34876b8d8be27330916196042a1437d","sha512":"930f28be027cbe059bedfe820c6920d8668380c8aef844a15c140de8e907d2be6c5eb38470f0809709bf8d2d0cffd411c61a92a1fb1592503d59e24ff8350cc0","ssdeep":"192:/XKuPlMK5EbbbCUuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8nbxDt4atx5Ye4ymr//A","tlshash":"e5e10e5c29f394610a93351f033be125f3b6e533221eec41b9dc8968af54667caa7d88","size":6791,"data":"","first_seen":"2026-02-12T21:09:52.600201Z","last_seen":"2026-04-14T09:08:05.84184Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.164.239.145","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"26d5c6e9eb5b8acc5d7f0a4acb0bb17d","sha1":"f28c859ece3ceabce922bbdf6272f9f7e826b783","sha256":"8ee1aaf2ad1cbca21e0581993206ba9ffd736c611beffb7287581a87cab67ff3","sha512":"388bd8e7a24945d1a3db30cd4cc03f006d5222f5b399b6578eaf9f87707fefae25b423aa0657dffd191f980827742165f1cfe7577a899ac63ed728bdd9886ee0","ssdeep":"768:IAObYQP9MBTSbyDRP0aubWc+ZdLyiQL96+hYs17eFCgt/oJBpntD/PN/xd0MpIJ4:TQP9MqMZ+vCBF/g0vmBuNfftrcuk","tlshash":"8fb371c8f6d6f064439764b4803f510bf23eb96e680e8464f266dad26c7899d9133f78","size":108916,"data":"","first_seen":"2026-02-24T14:23:50.976435Z","last_seen":"2026-05-22T17:22:58.310306Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"79b4aa69d45c4b43f0b31fd971b1bbdd","sha1":"77122463966366aaa969b55f404af7903b9d8f86","sha256":"34b9a3ffbb7a87b04fe51abdb665588b82d1e5fba4cad27b6d6518228d20c2b5","sha512":"6bc666c4e89838ba9d62ccba15b642154cb69eb86ac22585e64e11eb0bca2ebc710c3c5cf8993a99aa85035e1ae44d566601f6b7649e7d92fa3d72a2f53f252f","ssdeep":"1536:BigMTWFu196wufn32jGDdgaOFUWbaGlDluK1MFY7dZPkx3u4V5pfYMrlSf:4nmuTilGhmPx3u4V5pPrlSf","tlshash":"36a3096ef091b47d8993d26120af3212f3363d55a919d0a8f234cdf859d89c9a127f3e","size":106023,"data":"","first_seen":"2026-02-19T03:13:10.618029Z","last_seen":"2026-04-15T01:21:42.737131Z","times_seen":8426,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FavoriteGamesContent-BWhyATt4.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"520492d6f1f44fba5d1f5afca843fae8","sha1":"f325824eb34b56b1770f80963c772d8f23321133","sha256":"c7d7349a97d49fe38ecb60e29f790b95bc64e28929fcaf25d26507769c95df54","sha512":"5e4491318fc800e80ae25f817e14c02f4787708539b9ef5ae96597170f432fe6a924209bbd0450631434b4c53d711a93ed68c09cca99a30f893e60eb80d54508","ssdeep":"","tlshash":"5151c51140415ff8bb9e5eda2e27c064196a438ca286c17da87c4f3e3818640713bffa","size":2755,"data":"","first_seen":"2026-02-24T14:23:50.928734Z","last_seen":"2026-02-26T17:03:57.788556Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/walletConnect-CiycSUBb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","size":1998,"data":"","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-06-06T21:30:11.623634Z","times_seen":1659,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FacebookTracking-3dL4n6uM.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"140e6f6f98e0fa8d3b0be5a3a4600dbc","sha1":"2004a2007bd28e2bd5e5cb1c4fff8c59feb0c9a9","sha256":"86621dcf5dc5a1b34c4539fb729e72c42ae3fe9bdf8eacfea3b3313b43b7e3cb","sha512":"75615ef7f6a0e1a3bf5d09e5d022ab408abda5aa2632928b514b1bea7824cb439a0025caf9ff607f42016b5a64e255803a8b012cb78879e66cfcd15099850c41","ssdeep":"","tlshash":"5a01fe0f2c45b479167c18b8d3bbd8142aba990a258b45a5c6c7c9b92a24546848db8d","size":680,"data":"","first_seen":"2026-02-24T14:23:51.217193Z","last_seen":"2026-02-26T17:03:57.815026Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","size":1000,"data":"","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-06-08T12:51:50.340542Z","times_seen":43731,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/UnavailableMarketEvent-wtkKsClH.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"98b9533851974b6ee03f009832ec9b0e","sha1":"5218639a7552fdf2a908290dfd2e9c440ebfdeb4","sha256":"9abebbd29b2f027411a623d5b140792a129165b070e618f803c4257da6978b95","sha512":"0170e9059b93228cbb5e6b27ea363c91b851c327080a46e85a96739c2b51562f56ba0c25f7ede463ff65a12a3f5ebfc832261f11f0db5e0eeeacaeec2353dd56","ssdeep":"","tlshash":"2be0cd0aa104bbf6d5255cccce3a8f4da90307b5d7ea45d3d1f951281b34265390ee96","size":308,"data":"","first_seen":"2026-02-24T14:23:51.155949Z","last_seen":"2026-02-26T17:03:57.841108Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Odometer-BX62fBgg.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"55a1a4b91300616965d78a3641eacb56","sha1":"8a97ac37cee2af994acfbfc9f2cf14e3526c7c4e","sha256":"ffaf29e279a90410cade3f3daa9ef47a21684c027c281f7d196cac20604a450e","sha512":"b61b1b1f088df62ff5ee4e38e7ab6b1820a320e3fc2c0c37415ff1d9bdfeafba35817b9b62cf4b731f95ddb43487dc610fc89c1ae16de536a04714d3062fe67b","ssdeep":"192:2FZd7KNJtQae0S09YJFF2UXxx3HjmHHXpkauLPHMBNeSYpkYxSBrC7TlzUgrPND:2cVQae099YJT3DmHHMPrFtUhGxrPx","tlshash":"de620a8a796272344393b1e015bb0609773f9d6a3808405db67caeda7e32c19d12bff5","size":15567,"data":"","first_seen":"2026-02-24T14:23:51.358719Z","last_seen":"2026-02-26T17:03:57.766878Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2363889186e23777b4b704661794f3d","sha1":"7f50ba76565cbebe1ce54ed6e30f3794fee96554","sha256":"f71def488c2fb369e417b84e2088a8c9c21a59a3d1dffe4a43f4dad196460b8c","sha512":"4fb51fd523149c9cb04134a77d41461736a1e832dbd48af01a71d47843a56fed5a4474275e8752a2460c3cd7203bbbe9fb897a4c027d81a6b446973169d3eea4","ssdeep":"12288:xF7gB5EvtEvEEvtEvud6Bg1qgn+w7b7EqGDeuPLK3c8WsIJS8oqIpCFaFIpSAJyO:xGBzd6BgJn+wT8ZI3I5Z7y+","tlshash":"688533582a6bf3849409d0d7f9373d84c59ed19aa44764d24fb24bf31bb2352eaacd03","size":1831195,"data":"","first_seen":"2025-03-04T03:23:02.060485Z","last_seen":"2026-04-13T13:13:58.719874Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ee174bb9db859dbb3259b533d891fcf","sha1":"e4e5aaba337d36a7dcc1bc350adae703dd56f3fb","sha256":"9815f9fd11fbc2ea23d77092bd6aafdddc9d973029a6cbae857842ab76ad7bfc","sha512":"5132a916e3e2b85f1e583bc78b9aefec7ad2c6605baf857ab81c903bc20b19488b1ded4f73c00630a8ec15d59e6bde902441d20479aedfa0ffcdb329341cf658","ssdeep":"1536:DnFwbXHUPdqyHY2+tvMMvPNaYIlErf7MNh23prmoU8eANfD:zySHY2+2uNaYdrTM723Bmn8lfD","tlshash":"6b73c02ef60334eedf7ecb511ad59b9e123dc5562a8329cd12f704c2896c9e6626d0cc","size":74597,"data":"","first_seen":"2026-02-26T14:54:53.931563Z","last_seen":"2026-02-26T14:54:53.931563Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e7680047100844388f5ae75375a0f63","sha1":"1f0afefd0057964e682caa95b830cc75eae2864c","sha256":"bfdc66bb39eb8a8652a5f1349ce595a27b8b7176d38b34fcd081617d3ea24b8d","sha512":"7944b2cbc1d7da79398377cf2dcbd62786c0c81fdb6b5441a90047be836222ba90c2d2da992e53ea0e267c3c538ab6e6a41f8ab18edaa400f48edbbef35a1ebf","ssdeep":"","tlshash":"ace07d6d2a40bd755383935b28b3ef1c3432702cd44da8219eef8c08190ce4e4415f5b","size":324,"data":"","first_seen":"2026-02-24T14:23:51.491585Z","last_seen":"2026-02-26T17:03:58.010824Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/WagmiConf-DcRD12Of.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"347fde358585510327d4cbde65cdf27c","sha1":"bcc43085e2128b4b3f13b3e3cb2a5ed36de68fa9","sha256":"4cb419c9f2956a83ad68b8f5ddc2add8a7e1aad05d56254bdf8e345ce1d9c066","sha512":"4106a31be84ecfe3f80e2350266a55d60aebf4ef67f4794bac22a7ff7465ecc92da7e01db1ef5014c1c2139d8eac287ab732b72e82b25457e7cafc9f2655f36a","ssdeep":"1536:/2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPVAV:OCaSlx5xG7NU+WEy1bPuv1K/XGd","tlshash":"15a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","size":100978,"data":"","first_seen":"2026-02-24T14:23:51.189846Z","last_seen":"2026-02-26T17:03:57.755082Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/69345a05c4e6ba197aefa96c/1jbq7v9mq","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1cb8503928873fb0c37ddda8d9be2156","sha1":"5319387ef374c51d8602797090fed03402de834c","sha256":"f13f816cd905b4f21e6e1cb8f007a1a620bc765cc87dd54f77da47934cf78fad","sha512":"4dccac9b09a71eacf324e11bde2da2f4317c5360141051d7720cfdaa788e5987990302172d8af111afa579951c8a640cbd74266f563b35b073b5ad3c7fb7bc3c","ssdeep":"","tlshash":"8941ddea5b4f1c56b22410d90dbef90ef47620f749da6892870c085272657ad2f8ee38","size":2123,"data":"","first_seen":"2026-02-24T14:23:51.198663Z","last_seen":"2026-02-26T17:03:57.919065Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GoogleTagManagerTracking-D0YNYPoP.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ba959810d4a9f7754c1811a32e116a2","sha1":"4ea9199a498728401fb02fc7a9f9b5705d7e96fb","sha256":"e3cd4a119c74e94648e229b1ccf657d25f63b948059b222f30a4adf5187c091d","sha512":"2ab8952eb3f12b16f8c4ea3d244d4da7d41281c83bf2a36a1a7b2a741c6ef5ad977478d3ca25cc1fbdbd8b60c91df2ab09096f4788a82d5af08b5ee30f5cf545","ssdeep":"384:oT5rzmJK7O+CQsGPsR9W+/kyMVVrkfknk/k9ktg7riGw7DUe:WrQiO+FQR97/kyMniKCuJ3SYe","tlshash":"f36295d7faa558a0b0bd4de81f9281c23ab1b56af58144707c7e3c0c6378e0af19596d","size":15790,"data":"","first_seen":"2026-02-24T14:23:51.041512Z","last_seen":"2026-02-26T17:03:57.813524Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/LiveChatInc-OVRSkU-M.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"386e892ab3803bf0ef0d5646d2308a0e","sha1":"bbdcd6f448c82c072ec8a85aaf94bc9535b65ad5","sha256":"e552579fd260888f85f2e29cd20c8c273cc94ffca451e80d79fce5f624465b54","sha512":"ffe631aa185f8a9db4a51fccbccee3cf40be2ffa228698cefb5d720f76cd3046f3858f6495c556212e84cc1454ec249017eb94c7a452a72f67f7e6bacbe635fe","ssdeep":"","tlshash":"975134dec43cb8b092aa67d1323f7b5f711a571ad4008d31656c4b0af61e4cbc467aca","size":2920,"data":"","first_seen":"2026-02-24T14:23:50.94711Z","last_seen":"2026-02-26T17:03:57.958513Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/BetslipButton-tfWg31Ws.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3eac9758e461b39157cba1601935dac2","sha1":"a98041afc6e405b1feb514d42441787b6eb716f7","sha256":"c93e12cd7a9021b060876cbe4384088c2c2183d1617cffb509a17dd883f51d04","sha512":"a91e554873ed7ff7c4ae676e2fb3fd11f331d987f097d1b82f7ce55e45d95b1e99c534efee805ee87f54a34d314b8158c9c96f8887d987a4df027f9fa1c89d1b","ssdeep":"","tlshash":"16e0ab478888c2fe07425e82110682123c2795bca250e69180ae6c657e38646c81e52f","size":418,"data":"","first_seen":"2026-02-24T14:23:51.354145Z","last_seen":"2026-02-26T17:03:57.763051Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","size":53530,"data":"","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-05-27T07:42:34.882187Z","times_seen":34008,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"fb64e7eb7b5994f91b8e1ac317d588fb","sha1":"398895904d650890d8d11e48fdf5858ea99c58cc","sha256":"a6309211d7fa90443a2f1b63d7c74d5e21823b61110894329af081d0a9129ac2","sha512":"e6b375ed04e79ff9665123d4a566fcaea6c311731d29ee5b71f582e0a34c13679b4bc26751ab08ccde827c9e865f1c193df547e3158926b877de81bebefbdbb3","ssdeep":"","tlshash":"04700008ac882820002b3020020b000888a2a00020022280002088808c3000a200a808","size":22,"data":"","first_seen":"2026-02-26T08:01:34.990699Z","last_seen":"2026-02-28T07:59:07.883199Z","times_seen":2128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","size":121,"data":"","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-08T12:51:50.330923Z","times_seen":85431,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/events-Bn7gRKKo.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"090be51e82542a30e21e332ca13babfc","sha1":"b52ff723bc9b697d49472078276e7ec7dcbff8f4","sha256":"75312eb0c62a763d09fc4297b47a9432ff15df3e82e2398247716855e7d21583","sha512":"b8b9804b08e0ca7f898643e26e9277b1273e6a53b8a6dfc29f97ca560c5d4f91e23527d7120989911d65fdb3cfa467ddb2ae4986cd90f6adeff0cb8e406d66a1","ssdeep":"96:Pd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:P3IM2sWMtBq6n3PzH","tlshash":"27c143ccb38578b013e7d3abb07f520bf134a598740c5108b61aecf9696bd9a4126b78","size":6141,"data":"","first_seen":"2026-02-24T14:23:51.051447Z","last_seen":"2026-02-26T17:03:57.746676Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DataspotTracking-BGnsxVvd.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6eb0adb294d6e0b4be4655a714d18cf8","sha1":"a3f054659bf93aa2d3c363344c9d36aefa0a6965","sha256":"1903da0a3931978e3bf11cd481394054ee369eac77e1e9eb33dec25253c83ca9","sha512":"a704e987bddeddbfcf41a894099cab890cbc9b2499a6ba6e06f649e1f716331a64145953bc618d0da4f392ad06eb946e6679642593b509023ed2cdac75826b11","ssdeep":"192:a5xZqJXykg/uKb0n5OnB7tv1/3iYtWSsftQUs3:uZUXykg/b7ZFSXSsfDs3","tlshash":"2cf10355741e78bca033c6ac0d47616218387051e6329de476a6cf5aae3d8c28bf77cb","size":8032,"data":"","first_seen":"2026-02-24T14:23:50.919041Z","last_seen":"2026-02-26T17:03:57.92747Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useJackpot-DIZu1EfL.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f51e23fa741958fcc0acdce4b55fa46c","sha1":"6c5a17ada15a2ee108a351f4e8c6b7adb9a960f8","sha256":"7f255dbd2ebc95805077d7472e6cd99de2b6a488a4b6de2e3a50d6fa20a29d52","sha512":"2208a19286c5e3159732a8e30c75655fbd4bbd9fbaca53ea603e91996901533b4fefb57d23a5e7a859edacce3dfb03b856226dbdf2ac6d159600f466a254d577","ssdeep":"","tlshash":"8621264e5049e2f8f48988f20022537b7b3c3f29b590e0b094ed5d6da269d96fa30a46","size":1321,"data":"","first_seen":"2026-02-24T14:23:50.971725Z","last_seen":"2026-02-26T17:03:57.940737Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/HorizontalSportsList-BjU3O27Q.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c73fa28cecd62ba3c31d6201e137d6a0","sha1":"613037010dab087777a8974502c79d92a15d3c49","sha256":"83b5ad3b3f3e009497b2dbde83af71ee19ab265c0027f0fb23504d2a209d2526","sha512":"5d6444f570ad2e892840f2e46a64d2d908a6989a8f5560eb63cb2058bef99bc9789030b9222e2f664de865261633e807a77b8df2f43637ec68bc118d8a3cbbbd","ssdeep":"","tlshash":"44e02bc6dc618af45a2b88efb95c24846112047cef47a671d29492281b7408bf62d04d","size":422,"data":"","first_seen":"2026-02-24T14:23:51.203754Z","last_seen":"2026-02-26T17:03:57.739299Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/gameDataProcessing-DtSnCvbE.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"dcecb2abe07ee9dcecc6f662e238bc7f","sha1":"bb8d4fd833aea5f378e2bf4851ae819f8a96f2c7","sha256":"c5a8f4dbc771b4c88e6f971277095f148539bb64a22ac65dfda70aafa878b60c","sha512":"8c7ec6fe241f990bbfddfdf77be07986ab02525eedebc159e614b1c19988df95932d3b1d854f3fa73b3077d14215f91339822ab543e09cbe89b47adccff7cd27","ssdeep":"384:WwphrrZxhxlVz12awqhvT7vsB4Pzendc0aw5K4A1nV:WCpt7ve8Q/AX1nV","tlshash":"0972750b8a024c52c97e4639c0aa15f1b9781b32e8b8cdd11a655c7afb5fa5b31e1738","size":17282,"data":"","first_seen":"2026-02-24T14:23:51.212877Z","last_seen":"2026-02-26T17:03:57.951321Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5d76c1cd54bfa6d632bdce4917dabe51","sha1":"8e6de70150687c9f54210ea7887f8d72a36a398c","sha256":"abcf7e70c37225416bc5c4dab4beb331be3e0a7fa478e267224af9b0d4c6855c","sha512":"558cc2e5c5baa8f91f3882ed43e1ad9241f88997d78cf53e5f70d3382eb3c661a5152fc05546baf9214c3db7e635ef3d38ddb5d1a8da00015dde503b32833e36","ssdeep":"12288:3XOybJb8FoAZFOlhDN4/6M4peznNwcLXtsnKrfPSekrMj1EL95LnAF+Om1L:sR46necLXz6kw5bM+n","tlshash":"12054adc75427661c322fcf6a067204ca37d95aac49c191db19ad8f02fb190da07afb7","size":861792,"data":"","first_seen":"2026-02-25T19:48:53.036897Z","last_seen":"2026-05-11T00:14:47.527289Z","times_seen":8685,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0beffdc96a1a1b35b5ce2759d6d1d51a","sha1":"8d9d42c92a1d18382b66ee353d3b81b8641ced00","sha256":"e27dcd41e84265874a28c43fa5780e5ddabc8cae4fa0d010d0ca18360e704389","sha512":"6c5f688f184fa65416108e0f6af9947e741b70ccce5053b318e8ed64858d9ccd6e6b2f905103bb3871e540ecfb7a85efb0503c539bb4545d6975c34aa58dc090","ssdeep":"","tlshash":"7f4183d936e8f9b6434318a1043f9016f6352976097be4c0531dd4f5bc78849815afb6","size":2306,"data":"","first_seen":"2026-02-19T03:13:10.681687Z","last_seen":"2026-04-15T01:21:42.763559Z","times_seen":11136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useOpenLiveChat-DW9DTPvg.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"e9ab582a29b68015b7e4ddf4398ef218","sha1":"ae616bc32d6364ad889332e33ee220b80b4cc854","sha256":"0f2ee7cc918524f36e5698ff96bf1d9a671b9cef7dbebc73cd1434e9e8cbd7cd","sha512":"ea403228177e00db134af06a47eced70c0a176ba505a98d37d158056b49443531257168c5aaff6e57543baad9cad1e990f2a9c29188801d9bae9ac5eaff1b3de","ssdeep":"","tlshash":"57f041da86804fbc81c0cec1405be5f45b2c0ae4700dc480a43fac985824c00467ac53","size":583,"data":"","first_seen":"2026-02-24T14:23:51.066851Z","last_seen":"2026-02-26T17:03:57.79217Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/usePriceChange-CQ4NeD1O.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d734f3ff02b9a46256efc81b7db6485c","sha1":"7373bdc8979407b107b3fc9bb89d613befe67731","sha256":"fcd3434c3c2ba621778d372f19f8aaf5cb131adcac607bbcd2a765cda41ff091","sha512":"321e139a46f487a92e3a04e3f4ae7c7966058360ab75507b71e10bb3cb651faf57d4e0ea49bceb28278346ac20cc9186839cf7fc1909527b910069f62b40f8ea","ssdeep":"","tlshash":"9df05cbe54901823945f0cc8c26486571fd126d56bbdc31eb230c82d375c9af0a6ee66","size":470,"data":"","first_seen":"2026-02-24T14:23:50.894874Z","last_seen":"2026-02-26T17:03:57.782605Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"79319ab3e9c36ae56ff092b8dbc39a01","sha1":"0d5aba683d2758f0b13bbde4b2507a3af9d6affd","sha256":"3469fd0960fcb85cb1849e364e4942084d3b7d02323f4d8cbb81def57ee6024c","sha512":"0221535620ad4cb44590d43b754fb93a7ed0bf7bce3ef7083aa3e4d42ab051b8e041c3437d129706d08672259c8292759b12bc9c8380eb2d02c909d84e5daa89","ssdeep":"384:0jTytTl8RrfWguizZq7JViU0m/EYNiaFxyrY/oXwA4b9naeIDY+oDvQ8BGf:0jA8Wkq3YaAY/oMaeaknBY","tlshash":"3692c6a8b552f41a85b3b1f55c2b1129e5bb6c906c0e245ce101c5e43e70ea9d12fe7b","size":19902,"data":"","first_seen":"2026-02-26T08:01:34.985187Z","last_seen":"2026-02-28T07:59:07.885376Z","times_seen":2129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/global-mapper/lc_license_id/19330347/region?jsonp=__lc_region","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b17346aced6298b7e1cadcd62f40003c","sha1":"c28b849fff4b4d9d006d803bc4d18368446ddce4","sha256":"a379b1707064386da00957301b6eb053249cfb462047d44e4fb6d52898f5b78b","sha512":"93be3c00856eedc8cedd0c7bd2b2a5873aa85dcf9e893d9e972421d122c568cbb1c9b4ca633497bc80900f688898040a218616dc69a4716fcd3d5a2dc93fb928","ssdeep":"","tlshash":"8080000e20002ae30a20ef3e8023ec0cb03e033223008288c302208228002b0822ae0b","size":35,"data":"","first_seen":"2025-05-16T12:26:33.454661Z","last_seen":"2026-06-07T08:09:45.682147Z","times_seen":27952,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"158e87c784ce5f413bf7c51b2828f397","sha1":"29b7291d70ae95089a7a778c8286513feed561a9","sha256":"56b9b248c72d1ecc6abc11f4ad3e438e0cb4d2f5d321c8fd80d0db8f9ad337e3","sha512":"1fe7c884fee40de9739981e2596eeb834ded7dfb1e9078c6535d50c591b7404547594ae91daad055753acb3d4619a9a7be4cbefadb59e2736f99b393ede7372f","ssdeep":"","tlshash":"82a022c8f80e08200830320b080b0300e8aab882ea280c000023c830a33c80f08038bf","size":62,"data":"","first_seen":"2026-02-26T08:01:34.982237Z","last_seen":"2026-02-28T07:59:07.883716Z","times_seen":2126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/tr/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"73b8b49b4f5dd8adfdee877cd58546f0","sha1":"9f41caaee4b514ed017a6258c4a2166e6df5fad8","sha256":"b8ac084bd8c078db89ea019d31398c712a77cf27480be3b2aaaf7754615679ad","sha512":"b0dc33f21d8d930095dd34608c4cd501b4cecd139e1854fb636bb4e0d1722b22bda57425ebaf257860fc364a6ed9935865d391026a55c36bd7cbad695321d11e","ssdeep":"","tlshash":"6e4120b937867cb200f96633d6af771734f5d071d4018c10272adc896ab9d6a41a7c6d","size":2178,"data":"","first_seen":"2025-12-24T22:39:16.422871Z","last_seen":"2026-05-22T17:22:58.334241Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/firebase-messaging-sw.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","size":1125,"data":"","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-06-03T04:20:31.962446Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9deabdd1848c34f3ab46722f446c153","sha1":"ca3efc8a6fe26ae3556374b113dda96032edd201","sha256":"6a583970080e55cee4ced2fc7d5e5de94283f0e6eea428a50219b8e343ff0890","sha512":"d260841afedfa06bc864b92b64cf3bd1a323b2de447ce38cb1499cc6fccfab0da309a76814b6cfb20fae85fb5707fc72fec9996b64bfa31703445d6a933daa3c","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOrcErQYIMPdLMz9o115:kyWFW1W+fM4fFkBLMz9215","tlshash":"7e34c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","size":240941,"data":"","first_seen":"2026-02-19T03:13:10.643204Z","last_seen":"2026-04-15T01:21:42.632515Z","times_seen":11130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/___vite-browser-external_commonjs-proxy-A4ecGj_W.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b0079630f69a9e2cdbe4b40abd97bff7","sha1":"40cfb09a153adbed8c82a17367fd114b0cec85f5","sha256":"63d661545d56e99771af0791fb8d64df0442fa66bf15c3cd130a4b9554809a5b","sha512":"df1a0c04bb298ac8e6b2bbe3f4b791a1d97597cebd1dfe507bebb9c6024dc97086dc2dc32eb2eb4add9184364d7c1ab3ba24eb3a6024a0c522b3963e0735fe78","ssdeep":"","tlshash":"63c080451a54ecb052871d828a159402d94c8d6d73f4f9d1bb4d8d55060258b627cf57","size":178,"data":"","first_seen":"2026-02-24T14:23:50.964464Z","last_seen":"2026-02-26T17:03:57.910946Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"77424425bd755d02077922d40a96c207","sha1":"9702eba70ac4506031d55a8c9cf6732a66853b2b","sha256":"1128f463d0038310bb65c71ee2bd50f52e40dd9dfc0489e127f3912a1aa728ce","sha512":"2ac723d6ab08dc1cf45141cc44966d9b0f01c892511f40148d785de61ac084e014799555bb3b574f6f8b78e9410df8c112fd437eafe0aa747babdc52b451d1a7","ssdeep":"96:zNC9Hqt7pEma7hY/rcKaJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYcLRIvgx43nVY","tlshash":"13b1859ef247b456c156225150ef3b1df33a281ca61ccdc8a66565f218784cba077b39","size":5261,"data":"","first_seen":"2026-02-19T03:13:10.646706Z","last_seen":"2026-04-15T01:21:42.571941Z","times_seen":8490,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"m-galabet1123.com/assets/TabItem-zqZt7Nh0.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/TabItem-zqZt7Nh0.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"19d-L0tIOzDq25CRCzGLQ8i2iurkajU\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fGWIU2NOskTEDPKGE0uMpTWsNXBkbEUDtsQkFOlIyQA25iWNG3fU95hLdFKd%2BlQ0XFnEZMIKI075BKcNAvBCHpl%2BlRpPjpqwbOUN6KSZ4dtM\"}]}\r\ncf-ray: 9d4046615e48e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":413,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (412)","md5":"7399832e6d7898196fe5a4b445f58dea","sha1":"2f4b483b30eadb90910b318b43c8b68aeae46a35","sha256":"4d9195a229d1433eb80aa41cb3d5a1d41e315d57081e871c6ba0d6069b42159f","sha512":"103e8255fb328e1f8ad8edd4ec6dd2a1c36b1533e03b5286272b5f2f6c53ced739ea46c254fbd7e5008e6475b3e81ac6ce268df769c0c60c8593546176533ee0","ssdeep":"","tlshash":"25e02b42e020f3f5982b84d6d26ed4c7761249dcda9588e6e0a22054072e521fb4ff8e","first_seen":"2026-02-24T14:23:51.086077Z","last_seen":"2026-02-26T17:03:57.833559Z","times_seen":4,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/payments.json?v=02/17/2026-15:58","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /payments.json?v=02/17/2026-15:58 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BZ5tRxQWvHjlkI5FRGVR5UJy5PCysEiZ8156aWD1a%2B40w3sXK%2F9xR%2Fh6pdUTr3M0GlcU9kYI1Fit1OgqimSyaFzEtISIDBMTYS4r09acVZIU\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"1a32f-0Lqny4WyenkPn2EYXLfkGjdrqpU\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465048ece0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107311,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"899cec3f4539dbc82bfec69820277045","sha1":"d0baa7cb85b27a790f9f61185cb7e41a376baa95","sha256":"5dd590b04e0f64bd25c7cfe0f62719faff654b7af1f5d60556d92f1648252a31","sha512":"47aeb8b43643a79311d6a9373b3bf9dc669fd40c22b8f4951f026108e13e94fb7029f89642f6ca1f83cf35feab25e46aff3529948cce5801499230bc9259666a","ssdeep":"384:dcL7tlZq1n7JNdjLV/6+34n7JkYPhiEmnXJJby50FA9ztQX3zpdYSutJirXuQirn:rjB62YME6b5Dr2r/jPMe/ZLv","tlshash":"16a3e094d8690ce7198572a468bf9207766086478e2dbd4eb75cc82d0fdec0fadb426c","first_seen":"2026-02-26T14:54:53.704792Z","last_seen":"2026-02-26T17:03:57.789411Z","times_seen":2,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/menus/footer_menu_751_tur.json","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /menus/footer_menu_751_tur.json HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xwQO0hcuzOvc2SvL7bLpRHQz%2BmGpDWobLaOXMntGCYLG0JhrYeMLUeiDmvAsY6TBG%2FgLbL%2FNFaiI9M5PhbKVv5RBRFBWPCZMHrxZRZPdaNpM\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"2170-5YkIaEW1VPWbGxGytJjt0PCdLFA\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d404655fa7de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":8560,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cb7c741a547fc4a891e36f03de2f52fb","sha1":"e589086845b554f59b1b11b2b498edd0f09d2c50","sha256":"e1f2743754b756e617ee3307f8ac72f50f94263f3009f9aa90aec03edac6be73","sha512":"2d3da210a4cece77d8c2c5a21e57119c60f5010e02e3e86a8e7d3b1df68174b55f59be99ed140bf5760974abf623b8eaa24d96f0808498dffaae7723bf944482","ssdeep":"192:XSk0zkRSkukOkWkEkRSk36kphkpGkTSkEAkMlkk73kKUkwHknu4kQSkvIkWbkCOY:XvTNrLz5Rvn8xTvewIYfQQvVdqO3y/XV","tlshash":"c7024612f00d5576e7087e00bcc7ad0b84ce609dac5d49519d4d8bcecbda5af8ac62eb","first_seen":"2025-12-24T22:39:16.150949Z","last_seen":"2026-05-14T23:49:57.318125Z","times_seen":57,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Mobile.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Mobile.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=zcil4ljjEg.vdbZBh_MxiYxI_1peGn9tzqgiA1XpQDw-1772117635.8057988-1.0.1.1-J9PwYbuPQ8ot761xYZzHfcmMB30yITUuMzPt33CIu.pX.WXpZZgf4PfFwek0wTgpjl2R7EuNbZFWKaBnk0MFLsYnIed0IM8tTHptUtxWE1pIwu33irZDb45TqqsUx_LB; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KJHhfnUfKwW8G7fHPEze8eu9Ao5HofdccAOJ9asgvgjYAFnQJzTR0p3cJKJmJ9rnvMOeXxJQILtQsUOpziaBvZUQWR0v%2BGwdXx%2FYvqnCX8zfXB8Z9Q%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627114-155\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657cafb4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":341,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b140aef15c3a0e2328970dbf675bda24","sha1":"77f0fce91e82379b75340bef8bcf39509d1c55eb","sha256":"08c2a0b66d7c329ce1e9e957188e98e920311984544c6d824a29cb8c73d668c0","sha512":"06c19a313efcafa154900f41bd864dc6bc5764a82dfaee82c91ec6fb360d61e0da1a1bb8fa6c58dd8a14f6cde01b85fe25e0ab56a9ba3009f4be67f99eb1ddd5","ssdeep":"","tlshash":"dde078e5b250d40ab5557d53b3fcd5a35e69f0d1da940c39713e791e0fa3034128d14d","first_seen":"2025-10-24T05:32:28.297874Z","last_seen":"2026-05-14T23:49:57.513273Z","times_seen":55,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":69,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FeaturedGames.BqGfbibX.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FeaturedGames.BqGfbibX.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1baa-UnbJe3DzrIMb4Ue9nTGE64Uyotw\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3yeXJewdeP9JXuWed4VIiHPX4Np0TB2K3xCmx90jiBNiEq95mKcHagEab7K9u3QNES9jgJ8KOicknPBiiUTJtii%2FmU5LmJLO%2BB%2B0n3yHB1VP\"}]}\r\ncf-ray: 9d40465b3c56e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":7082,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7081)","md5":"b9d344659eda7f84d59b2ca785922590","sha1":"5276c97b70f3ac831be147bd9d3184eb8532a2dc","sha256":"e89b502316316e94643e2b764cf5688400f9359a0dce35ddb32f4d1b6025e20c","sha512":"56e9d6058b85b8fd878993b2ee6e6ed7f5acfe624e013631471f889e36f34543c3ec77987f452bd46ec2e5c5d93266f4e01a5f80662867760c46463fe4c7235d","ssdeep":"192:TYFnOFceEDvCElpcFpgZFcV3r90CCkPaifKLwp2xA:sFnOFceGrcFp+FcVRWg","tlshash":"cee13115710e3a387a23a1ff26905b8ef4dac0f1de2a2d3ea490272bcad63560535d58","first_seen":"2026-01-23T19:25:36.430155Z","last_seen":"2026-06-08T11:36:24.439872Z","times_seen":535,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/HorizontalNavigationListItem-D8usqGBs.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-D8usqGBs.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"2d9-WwdKMm2CY+BSr3kyBQxN1pb5XdY\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QcD%2FfJJ8EDyyJYi%2BspUayYl6sd3nZkSqHOGEkevy4Pn2QFoxMvqnhLG7yG2XEqjs5LLfPlglfD4LgCDY3cl%2B7ENYOekYclo0jyD49psAq%2FIH\"}]}\r\ncf-ray: 9d40465e4d74e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":729,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (728)","md5":"2ee91c2a746e670fa0395e2402ebb652","sha1":"5b074a326d8263e052af7932050c4dd696f95dd6","sha256":"6bed6f8c738e862641eb57d60efd2be604d705024d3576fb68a1f6cc491e62f0","sha512":"15a2d3022a25b216582a549dda022b4de3fc8eecd4d2e519a047d4ff7abf1e3ea3767850c513f5cc800e846c071b7263da71e4dca1a299a8754660a8227a0291","ssdeep":"","tlshash":"f001c001e014dbbc9a2745ccab8d1089b5479afedf782ce190f4e12109794593a86f8e","first_seen":"2026-02-24T14:23:51.015813Z","last_seen":"2026-02-26T17:03:57.886757Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/log-performance/v3","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"OPTIONS /log-performance/v3 HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-rk88\r\naccess-control-allow-origin: https://m-galabet1123.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9d404661fe77e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=492254","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 02:49:52 GMT","end":"Sat, 25 Apr 2026 03:49:32 GMT"},"fingerprint":{"sha1":"AC:2D:A6:7A:37:80:2E:24:CB:68:71:7C:86:FC:30:1E:1E:D5:AC:5F","sha256":"BD:5F:72:18:CF:A9:84:64:5F:E2:CB:09:75:97:03:8D:AC:00:57:4C:64:66:E8:35:8B:BE:B8:14:A0:84:32:AF"}}},"request":{"raw":"GET /wc/rewards-main.umd.cjs?v=492254 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Fri, 20 Feb 2026 07:42:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: IozzF04B2G9OZI6CN1tvKkTzOeVdPorI\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ddWMnFdFc1MLTbcPLyxIF1bCYQofl4GEJl7Yxom2wdaxoKJFS5vwB4oqnc32qigninhXYho0m1uhmTCyjxVPIVOVio%2BB9M1sBeOYRQujWylJcanIRD9TyJD10PCIaA%3D%3D\"}]}\r\nserver: cloudflare\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: AMS1-P1\r\nx-amz-cf-id: Tt-pAdbd7iDyKbl_xwJLC1MaAmTRwh9BsaM--Il9FjJWntzOkKJyJw==\r\nage: 3229\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\netag: W/\"609f8e6887e1889e72c4e96fbc3e3d39\"\r\ncontent-encoding: br\r\ncf-ray: 9d4046624c861ecb-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":953208,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35732)","md5":"609f8e6887e1889e72c4e96fbc3e3d39","sha1":"1a137f4ece5f1fcbdd412cbfe382d4d3af7b5fde","sha256":"c1fad91dd5a74216ffa996be3df2737e4d30239784d7e34b004b713b7a569dd3","sha512":"c991d488a6d36de33254d5ea509320fdebb96f9bbdbac34bfc624dda5d1cf3fa3665b1ec7f02b5d51affe3e534e03d4c75a70c9a3181effc79c4a88ffc4b35f5","ssdeep":"24576:5iHlTFInH0lTghey0pZOrBQL89IQn9AZNnHF9G+lTlsREuIA:MlJInH0lchey0bOrBQLAIQn90nHF9G+m","tlshash":"50157d9072567434c3b795b160be050db23c5b027806c698f2bc99ea1fd789662bbf7c","first_seen":"2026-02-24T14:18:16.990938Z","last_seen":"2026-03-02T21:59:07.354611Z","times_seen":10,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":43,"dns":4,"connect":9,"send":0,"wait":154,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/languages/tr.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/languages/tr.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"b1c2a4d2b221a5c3df91a782a9958602\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5a054435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12522,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text","md5":"d5c878b97a6e060ddcc4f14fac2c8f68","sha1":"8f1cfd2be7067d0f230c6a8e4e85f700611ac5d3","sha256":"205a43ac3282e1533a6f03102f07c4b6fdb957b777e85135585af927547dda82","sha512":"9f49e1e332fbfc76add070a561f936093d3c54d0c9e0de4bd92407fd31a6716053b5177d586f8300394c15f21d9d7b68c9f4a25abccb5190ec3255eb87be6ab1","ssdeep":"192:OyJZiyVI8zVt8yr174zUet94dgbIfCTLOSWhmiUSI8MRcM:Bil4r8yB0ZgcTLHcmiLMRL","tlshash":"49429519cd61dd5b0196a34bf4db1643b0a942871f20382dbb4c86bd1f8e9af60fa74d","first_seen":"2025-06-19T03:00:53.745119Z","last_seen":"2026-05-13T07:53:47.020299Z","times_seen":585,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":382,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useSportData-Bwuajn-p.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useSportData-Bwuajn-p.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"6ea-NvLNjakVi3cygO68mYfTK/QAk/8\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jzzgrVyLH%2FToqpTpHbLH0pDIYrrXunjBirbZSeVdytkwsutvTHNxHKAfg4vikDbCZyL84pOC49B9W8eBTouN3xWozeVSCCEIIF23C45a628%2F\"}]}\r\ncf-ray: 9d40465e1d5fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1770,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1769)","md5":"da8f7ebf8b11b7005cd6e2488d88fb68","sha1":"36f2cd8da9158b773280eebc9987d32bf40093ff","sha256":"a340fec9a35e98a62e30244c2de49edb6f7fe419bc358d2bdbf9ad2a803fc402","sha512":"027e8c487e0492b3be650de855b445a67fe1101ba9ab23a8e9603447b1f4f50e7b6173f5ef6b8619d39871b0bbcb37d0d8c2c6a8f152c64f955309d8ea16d5d9","ssdeep":"","tlshash":"1e31874c9164b070953948d6e0ad7a14d43415193b33eee2d85c0a297f6364a027ed7f","first_seen":"2026-02-25T02:34:32.60807Z","last_seen":"2026-02-26T17:03:57.798311Z","times_seen":3,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/466.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/466.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 984\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 06:23:21 GMT\r\netag: \"87ce3667206dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=4_.u3qMZvv88aKJ9OvGEGrr6WJCpri859UrOVLIT8ik-1772117638.1435812-1.0.1.1-SkW_7df0t3yYa1.oq.g8.dKHROGZipS4ynyPuHVQ79reUOVU0Q3g8aPWMr41Ukj2gs9X1o_4PTsUBSxHi6IiGSxoZBpCZ3o4HBOJAmPBOaUYSRwIVKVz7rXnDEDDS9xu; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qwWQOcDM%2BjdQs9o5rZ8PFwVfWsrJXIcaQmVXpccGVtr3mxxm6E%2BQSvKcdfhvCK4xh7vhHXoKK51SnGWbw0J3WANeL25iTESDobKydNAiADc2ez180n0u3N9ztrw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046666e8d4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":984,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"4c4c28d3f9e75ef444ae17cb2c1bf006","sha1":"7e13c88e0e2edd791fb4b29a0143ef50780b14bf","sha256":"baa07a18353d0ca2c4678611b30bba33757d8dad7467ac13dca933d02b43297f","sha512":"a2bf0f4fb8fcedd00ccab5436560a0696a23d632080acff482d64fd6b06b01f25e32f8dd86e0b24ab9d8f26ec68ab47ae6faf58c41086db8aa50ea0eb9f66bfc","ssdeep":"","tlshash":"5611c499e32c703cd7aa961a220e5263527fd4ffd528000c2abbca210727e5c372bd30","first_seen":"2023-09-23T15:54:58Z","last_seen":"2026-05-16T13:14:11.771567Z","times_seen":264,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato|Lilita+One","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /css?family=Lato|Lilita+One HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 26 Feb 2026 14:53:58 GMT\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2f31f582a62929942285136edb852eb4","sha1":"ade05009e3f52242452d23f325d0d60eb2f4945d","sha256":"86d1d33f6f9e190954cb9cf8f930c7ce03e60bb102b64f2ce0baab352285acab","sha512":"2e4b5ff5cb64ede4c3e63e2477f156c55597e1c3ddd83d888fd96c66bf7cc6716dcf522fad19cdde2a4a564f530022feaff488500797d01f3673e52e295ddabd","ssdeep":"","tlshash":"6e31bf92097ba80497930dc212ce7d32ef1e62406845a825afff18dcfc67c699362b0d","first_seen":"2025-09-20T10:36:49.753015Z","last_seen":"2026-06-06T23:43:56.083256Z","times_seen":146,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":67,"dns":1,"connect":7,"send":0,"wait":20,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-app.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: MISS\r\netag: W/\"e736e189edb5d0d9d5b8e7f23dd9114a\"\r\ncontent-encoding: br\r\ncf-ray: 9d40464fed560b9c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-06-08T12:51:50.307892Z","times_seen":85472,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/ButtonWithAction-CMXROGdJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/ButtonWithAction-CMXROGdJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"10b-eXiXj8eKnnTH7LYARpecfsMqjug\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wIO2g1UqUvQmpjwkEn5iNtYQDaWj%2BshEyO9bJiOUkYBAgS4eVBGLk9c4U9CegLwaPQPMOtuEbFewdZhxhprjQKHM5GSJHV8tLI%2BD%2FTaetIFW\"}]}\r\ncf-ray: 9d404657bafbe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"bf13c23ae777d4ece9a23dfcef5f8289","sha1":"7978978fc78a9e74c7ecb60046979c7ec32a8ee8","sha256":"19d6a58feecc49b55a1436e210bd8ca17e7780ef68dc2a3ca293af206cf4e296","sha512":"4c2c9eb3a48494f7983f30743d92ed973b84bffe515172c826831ebfa850de894088e30b0a294a845ba0ffb278d2853b40a5035198d4925c83482e2a33a3dc11","ssdeep":"","tlshash":"67d0950f98c1d2f503c1ff90512bc1112e16ada0f7e4c551c08d54543e3165ac42e637","first_seen":"2026-02-24T14:23:51.062944Z","last_seen":"2026-02-26T17:03:57.797516Z","times_seen":4,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/casino/getGames?partner_id=751\u0026lang=tur\u0026is_mobile=0\u0026country=NO\u0026limit=10","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/casino/getGames?partner_id=751\u0026lang=tur\u0026is_mobile=0\u0026country=NO\u0026limit=10 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:54:00 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=xhyMzHE88.DcNX918Xs.VxPCghmh0oUzedK2Sji_mcs-1772117639-1.0.1.1-qiE8P69Cob7N4dhcYs3Wo6D_yP3JLay2TScu5USc759F9T4OEnElSIuY2.cBy_J.MPE55YoxtNThJv9V64PH9Sc4AsTwjl556JqOkNCf2oY; path=/; expires=Thu, 26-Feb-26 15:23:59 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=50OE32KxyLg17mAbqFrdVde6FWzQvC9Hrgdha9BPM9k2RX4q0hhbBAeofXpXJTEsl6FVaCCrFGiuOskwh9HqiYyBNesrrI6O%2BB1JRcPdtNx8\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465b5c7fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":20703,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"905b49a361e611165f3bbedb8f8315c3","sha1":"ec4fe35030bb1504cb813c309e629a2ae2e5aaf6","sha256":"74534389c7f7475e3189f09640e5eac89730392ab5fe114612960f4139794f87","sha512":"51690a01ac6369594a06a87d29fa0b6fae17b057a948ff2e52551164847095d309b4c59db06699b92abb874f9f4530fa6efaa6d9586d16944e0d78b9e04bf637","ssdeep":"384:F5cYY5SFPRy5Rw458bp5k1JK5q1XLJx14v51ar352gpRW5uYR:F5cYY5SFPRy5Rw458bp5k1JK5q1XLJxE","tlshash":"329275291b58fbf66b1b08a118eb3d1ec8ec26a7d545aec14dbed8f841e41c142b12d7","first_seen":"2026-02-26T14:54:53.715006Z","last_seen":"2026-02-26T17:03:57.965914Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3635,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/388.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/388.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1167\r\nserver: cloudflare\r\nlast-modified: Wed, 18 Apr 2018 10:41:05 GMT\r\netag: \"37e12c11d7d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Wed, 25 Mar 2026 22:23:42 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 232215\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=i7c1ijRg2OyRh5hQAtiyE4msQD3mtTpPTORXKO0tXJg-1772117638.1378634-1.0.1.1-xyM1_V5jjHD5ggbano56DPtKnM.vl40fQGcrkGLNKbupkuF_VoCrJqj0EOliOCSuGWZ6yo_HVR8so03pkZsReX1bRgbClU_iq7I.s3grGwtpRnWlPxEy2Uhwac3aNbgX; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6iUmyDCMgGSeTwmbHLrDfGf1fP00SK2CJPgPyyegUE8y6weT71AcZAszN691nqoxhrXy517G%2FjB4Ap9bBYAFCaYLEsnQgGr%2FyOa40wn3kbAOZr2LmHeTCTuUEGk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046665e304c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1167,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"4dede86bd6f200b8dd86a70867ea889e","sha1":"06874c698e44e9c4daed9592ff11dc32b2828d51","sha256":"9a06c39bafe9ae19741d470f8008a0572bc72983272fa2bd9cba7fd7a3d2cffa","sha512":"39f1f0aead5c929af1c580e156cd44b92ed409e0e6960d976a2d27797f7d512828b6e269c5e5200cfbe7cfe4da492f9e3e00eb4eaa1f5971b662a826e9868bc4","ssdeep":"","tlshash":"bc2196abb50e9a2ada37451cb47730a4a563338e641ce3c4bf7a512021acd0b8563731","first_seen":"2023-05-28T18:20:13Z","last_seen":"2026-05-22T06:52:51.90158Z","times_seen":322,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/452.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/452.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1284\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 06:25:00 GMT\r\netag: \"fc421a2206dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=4JRrNs4gPpOcRY3oEDUZpbDXDskqwzN4SWKFOVlhDTU-1772117638.145583-1.0.1.1-3j6qEMhVL1Ur7.9vzgBSSdTGvymAo1ZZVV1p1wjNYBoLVE5NIx1fztkK5IyrhiipLcMsWw4A_e4knEfOEGJTDrWDaKnoxoeAjpuz4iDZUSZPJlzPCwEN4H2WG.0iT7l5; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gQscyHb2nVp9LkcAhnpZWr%2B6c%2B7J%2B0ju0Pjy5JFx2B7rduNG1%2Fq9QwYDxLZBxLloH49CZmrBTA9VbZookscluksHYd6Q9ejpMDr5KSIgcsn9NN2%2FsZlODGR%2FxHU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046666ea14c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1284,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"eb01c47f5fc2f6565d764b910d430c38","sha1":"77dde85dd0312b92ae6bf95a8f6a1a1399e7335f","sha256":"6a0cb222afd06076ed51176a67853ae68866afa937fba62bde62ae6aedae4c8d","sha512":"1c98fc9deb69e3273c6b3753feda298dfce5e2b37e2735189b186c4a1d27dcea33624de274955281266e45ea5e3f741b12f8111aeccb4939d721edf368d4190a","ssdeep":"","tlshash":"a121fbfa67e44d77bd067e4f0a6a32663626a4fb057453182b6dc01706403414c26e05","first_seen":"2023-07-17T10:48:36Z","last_seen":"2026-05-16T01:11:24.61605Z","times_seen":194,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/firebase-messaging-sw.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /firebase-messaging-sw.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"465-gZ9gYVYk8CXRJW78QI2OV2qQnHs\"\r\ncontent-encoding: br\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T%2FXeRH2rMxXsdYBaARwS2LdgeGLfnraujT3sY6hxQUPJul3%2BD43NVLXifNVikeILU9O9UAzlBW%2FtVw0dwmHT3YZ5KY6DxypM4sAciLSlkXps\"}]}\r\ncf-ray: 9d40464a2f22e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1125,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-06-03T04:20:31.962446Z","times_seen":77,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/pageBuilder/pageBuilderCssConfig.json?v=1772117700000","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /pageBuilder/pageBuilderCssConfig.json?v=1772117700000 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x5kAyO1xK88RoCzqgU4P6oYodNrcp%2BfQEICiiyfwA40GB9YrP8jiy3qVvdnnmGenvcdTcJLwykYws98GbgHH56%2Fr5QFyA77FJ2KSfzN2IsVb\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"115-/4ZOdO5b3KpOnXEwZOyebX8afDM\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40464fb897e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":277,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b840efc6276e4fd17616273698453549","sha1":"ff864e74ee5bdcaa4e9d713064ec9e6d7f1a7c33","sha256":"01976b4e4832d5fbf632314e6b12424691dce201138109710061a398178dad89","sha512":"35bb7dc6b4e44da9f15700eeebe04d122ddfdf41af0834f0329169c0fd98d3a9de79ca9c879d92f1727985ca07ad519870af961ba75a865a898cdc2d5035fd6c","ssdeep":"","tlshash":"c0d02b119679cf52235a51b2028becc1641bf207118086896485e2bd70c96581993f24","first_seen":"2025-12-24T22:39:16.255341Z","last_seen":"2026-04-04T19:51:35.016652Z","times_seen":24,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/JackpotMania.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/JackpotMania.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:26 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HsUFmv.gXgHGN3Ai1hVh8spCYcCrux0UtxcUXjfqngg-1772117635.8122954-1.0.1.1-oCM28O5rZZlATfx_zUt2jeGSfkjGnhtGCWYs.p6QbyxOjH0CMZI4AoDdWVKo3KMyt8D99KbCqjPm.1OOm1cxvYBSuL31u4sWjCAenlpriSYIEQb7r8gYgI3pg0poi_tw; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vqD%2FoJA84Dkq6%2FnBED%2FMt%2BqmOTeSS0QjRoHm7Bo84exqZ9j%2B6FKmS35Kc0b6uO%2FZ7I5v6ygxu88yK1ty7EjmUkZAE3DBlU%2FO%2Bn%2Bah4Q%2BN72sGSw8aQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270a2-1796\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657db2e4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6038,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"829680ca0f2f9d1f5faae192e8e40d75","sha1":"cb4c7ee7795a21eddbe36de36ff6c2e16e5f87cc","sha256":"05bca82b332ce5b8d3ab2c1e26331babd5f33d3ba924bf3e2b63b7fe44f8ed79","sha512":"173fad7120aeaf6cb2f7fb730a95b9af4587cb8804d09fd8a506e5eda8eeaa02d828a05e4c4e34bcc56f542e68abe6443792c891cfc8f2eebea59e21388b7a90","ssdeep":"96:NqjNrGLUu6fBaLQk9p0ZG7mi47U8/UA+5pRxq8uK/DUUt2TEojLdK7HiBe4I4erG:YprGYdqQkQE7mAQUv5p3q+DUU0Xqio3a","tlshash":"aec145fafb75a0f96ec753cadf223e3d79495d3d9e618794512e9a8907439c803018d0","first_seen":"2025-10-24T05:32:28.41634Z","last_seen":"2026-06-08T11:36:24.209341Z","times_seen":49,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":22,"connect":3,"send":0,"wait":91,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/X50Wheel.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/X50Wheel.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:25 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=981V27_iXkhGmPuCQS45eNjkQuYa3vjzaQphqgN93f4-1772117635.7912984-1.0.1.1-0l4BSSmLS3CJFok8awruY.kJUa_iHXFJ.vtPEWmr4.U63ZOW1Za4Zfk0yE6OCIwpm7rO9Ie3D5Q6ExeBkBaCwdMYLYwTQUqmKewre8v60sGvSXUzp9y9wkOwgWoRXii5; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kgf6DcVgT%2FtxLRdvs1KNpu6hRiBYBAZmk7th3WkCd2SWLlezaED%2BfAARC%2FHr6w39dYsVBt60iB0cqbz%2F17IwuzFFY8kUvWNcOBvGmk0I%2FA9Lk%2BlBQA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270a1-65a\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657ba8a4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1626,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6a4e68d64ae400253c8553f277334db0","sha1":"9f4421a8ee6dbd94b15c62098a2808e7a9df443a","sha256":"c7d0844a8e2c9ee547a4b9c4927823c95fca71407aab9cfa85bc1175c01fc1e8","sha512":"3472f7072defa5f4f70e595969443c4310d2f86be210449dbebb88defac139a9bd68503f7cefce592b93b10f0910846e815b72ea960c2809326f390e1c0566cc","ssdeep":"","tlshash":"ba3122f5fff1ceb64c9413bf3a148ea82595c02d8e618b58c83a4d98215383c9f502aa","first_seen":"2025-07-09T12:38:57.780257Z","last_seen":"2026-05-19T18:11:41.346853Z","times_seen":162,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":69,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/bookingBet-BkIiazay.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/bookingBet-BkIiazay.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"ed4-JuAEV1waNGxRCuW+OiVFSJx+X5A\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MRKFXpF3naz8PqM5pDcpBkmxLwGpHHCCqejqQRhymnzHQbepjJs2%2BErtQnKah8cTMrtOdHz8RdQZnP64lHRwy2g9qG016Aq9sK%2Bk2xgRfHxm\"}]}\r\ncf-ray: 9d404657cb02e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3796,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3795)","md5":"ff9453e086df71df36b0074794be5555","sha1":"26e004575c1a346c510ae5be3a2545489c7e5f90","sha256":"5d233e99dd55cbd6c4a6acd81c566dee1cb146166fc41726489d64c6b6a5ed0a","sha512":"309c579276d7680b59861354b688536af34279823f9396e3c5f122059ac7c50ea0b93cf70bf48989a7bf66a9915f7ddf366e722d109c72137e49752c1e6f92a9","ssdeep":"","tlshash":"2a71e664fd2090be67f2317df4de7b426b2c4ba871a19a40fb6b9d0841848cbb534638","first_seen":"2026-02-24T14:23:51.288648Z","last_seen":"2026-02-26T17:03:57.896099Z","times_seen":4,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/InternalDataspotTracking-DB2Ht68F.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-DB2Ht68F.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"f66-7nzjmPMHKKxUpAXaSrEXvMWmk+k\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w9R8ME9IxHe0sxz5RIKTWsR9%2BlCs1wBa%2B8Esp%2BOln1Inq70knV1aFYNFxcNpG%2Fi1IZerYWwdGwMLDgJ8bjx%2FbQtdnT0LA5UgR1cGk2D9sK7m\"}]}\r\ncf-ray: 9d404657eb2be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3942,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3941)","md5":"28d8d80edd5ad66eefb0fc684755c355","sha1":"ee7ce398f30728ac54a405da4ab117bcc5a693e9","sha256":"2e8b31d05474087678a43335a1ae8e9257fe9a1a690b7d7fbe36e74c4d12c5f2","sha512":"c7a4ae165f4e0f5bf2b1331d3881ef08b3940022b8a5a9319657b7ede16edfdb12b37f16020ee2bb3ba6f2e1e7a7ee9064c197d5c51b121be530edba74832e5a","ssdeep":"","tlshash":"f681741fd83c08b070a0cad9583bc957857d3cc9a590d8f06037de6a660fe09d6f1a9b","first_seen":"2026-02-24T14:23:51.294039Z","last_seen":"2026-02-26T17:03:57.827934Z","times_seen":4,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/InformativeWidget-BAwOKhPq.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/InformativeWidget-BAwOKhPq.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"43f-vAppp6uZ211eglVg1BBFVnEyye8\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vO1hUE511NU65x3n9WUum0u%2F6Js7HDYHY%2Bf5IP98x%2FlfY8%2FZPzhzb3rhtwGKMKt%2Bl8jQl9eGoL6Ysu1Pk4EokZ2oeOLfGdDgh5GcH5%2BzG%2FVA\"}]}\r\ncf-ray: 9d40465b3c4de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"bfe68e52383a846bcc852d13693ec99a","sha1":"bc0a69a7ab99db5d5e825560d41045567132c9ef","sha256":"ad6a0e54fb28450de78b863bf168d8664be8ae14ffd118032cc0dbb0aaf41642","sha512":"bbbe591918823d2e09b2fb24ebed7a12934e6d15f40e2f5ffedbf4eeeb766157ebf3346da3b0bc7421b552d4376106ca98b5184aa01a99e89893473d5889a48a","ssdeep":"","tlshash":"ca117947f550d5bdf0354dc44616d0946d212dd4df39d4e998f57008a83410bb6db7ad","first_seen":"2026-02-24T14:23:50.926006Z","last_seen":"2026-02-26T17:03:57.765598Z","times_seen":4,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/JackpotPoolDetailsItem-DOBnH8RK.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/JackpotPoolDetailsItem-DOBnH8RK.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3803-0t3mrE+I6Wl1MbazqG0GOCgKFrU\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CuFE4GcaJpaUK9fd1%2BfNqkblwQBLZARemMyuGoFff7UsDnZq8IEKYq3dgrb3EELUAc28X4WjxeCSN4hUeIVO4jyFAunovG3Pi9DFvRih8JtK\"}]}\r\ncf-ray: 9d40465dbd4ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":14339,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14338)","md5":"3889e481ab1adf9f96a132846c0801d3","sha1":"d2dde6ac4f88e9697531b6b3a86d0638280a16b5","sha256":"64d0d773fcd389193d64f215cd0bc6f25d7bccef8282d0fcd309aa7298595108","sha512":"b4e0162884cabb644a2fdd77844e44fecf63b090206b2739478fe152ec719ea2cbe19be56520249c097335a5951319d25dfcb62c62c23c3f400b083fd9578f0c","ssdeep":"384:xm6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKxV6baPFFWB:xmB7CEGOpyts/UofB","tlshash":"5a524c05f012f7edbca954f7487ee0687a5e1aa9c71808acd1bd6c313d2c455760bbac","first_seen":"2026-02-24T14:23:51.244561Z","last_seen":"2026-02-26T17:03:57.821746Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/dynamicallyStructuredPages.json?v=1772117700000","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /dynamicallyStructuredPages.json?v=1772117700000 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mv4Z3OLdK1bE1XywN5ukkhfv7r%2BtogtPGAZ6UBtxq2OC5GI%2BUb3oESmoHZ%2B9mw3hxWvsKtqOUO3VHjhyB%2B3ryl3BEk96Twnam0GicYuXlyYg\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"2fc-kUiJY6kVdVRjg3WtqCHEu0SxLdI\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40464fb895e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":764,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"61ff5ed77b867ea7b436a21eb8e5ab4e","sha1":"91488963a9157554638375ada821c4bb44b12dd2","sha256":"8329002355bc98821e6757dc86bd87104c3f79ab3fa48db2435c5d3baf0ec870","sha512":"e93a660a89166b2b4f17735c7ed67f95b3b333006596634a735da5159f605181c8a74bffe6924a82feef888aea5bab127c2aaf77685cd27efbd0d71b9d888456","ssdeep":"","tlshash":"2001493d3c10ceb4f7a08862d58167809992e576c7880c5c2cdeeb19c3ad24e1441b7b","first_seen":"2025-05-24T17:16:20.011585Z","last_seen":"2026-06-08T11:36:24.275836Z","times_seen":2738,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GameSuggestedEventsWidget.B3VqF5zK.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget.B3VqF5zK.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1ee-X27EksX9+CXe1JEPOARmuyOlAzI\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bf6LteMRv7mNs8%2FNnUjCzlD04Ajp6jeeBTTY7uy%2FfgiVeU9O5HA9WQmFzqKaPsa8Io5Aut2T%2B%2BETGJZoYvSxC1GNMSp13SfvmigmEw82pKwe\"}]}\r\ncf-ray: 9d404656eab4e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":494,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (493)","md5":"3d3f0fe9e1a11530bcc5b93d9a483aa6","sha1":"5f6ec492c5fdf825ded4910f380466bb23a50332","sha256":"bee73c23ba614c70cddd4a90715357b4e5247e83db72e74289f80e59f6349fc9","sha512":"3fe221c3be766eda2e1f32ce4d86509e3766421cde94b5098cce1e9a4dd253c550901190f197e517d10e96322ac66e357e727e78382480d92bad2d1efd53d670","ssdeep":"","tlshash":"a0f0e9218f34ed35a4ac03ed2a77005a5760e195bc5039f86fe1bf158a087e61ce82cf","first_seen":"2025-08-13T22:32:23.57413Z","last_seen":"2026-04-29T13:47:02.73876Z","times_seen":41,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DisabledMarketEvent.BUY5t_rR.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/DisabledMarketEvent.BUY5t_rR.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"2c4-BlCcUkj/wUUFtw/bsj+lE5hutQw\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c11xCAUq5RoJ9U%2BEkBj0V6zvFvk%2FCcwkDpYZOSuys8Htd6TamLPC9MCgPS699ferrgo%2FpUXpjKY8USqUeV4RyNH6fjDwBSMqrHdWndcuMkQ%2B\"}]}\r\ncf-ray: 9d40465b3c55e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":708,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (707)","md5":"c0742f5af30b5e1ab1e9e3184a8d4adb","sha1":"06509c5248ffc14505b70fdbb23fa513986eb50c","sha256":"4b6712623061506cf21b8296602cd61def3d0a81b5cee16bd0d245e7275715df","sha512":"7050ab375c9e4b209bda0bd7ce449e76da69f00d56d7a9504a52eef1e36fabfb8b36f9f560d810edb4522247e15d17cf736e929f40503802df2035007d1494ab","ssdeep":"","tlshash":"4701d4c4f98a25344c3a9d0c9abc8fee560a93705ca15d33789a113a4bce08a4a20d26","first_seen":"2026-01-18T14:34:50.585531Z","last_seen":"2026-06-08T11:36:24.478587Z","times_seen":490,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_0670e1e298db4e3676c189eae3bf7645.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_0670e1e298db4e3676c189eae3bf7645.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 174590\r\nserver: cloudflare\r\nlast-modified: Wed, 18 Feb 2026 11:33:43 GMT\r\npriority: u=4,i=?0\r\netag: \"6995a397-2a9fe\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=inIEmlV5I377VXkhk67W4zY0pSeq69L88tfmHeU6gGM-1772117637.7913258-1.0.1.1-OLR4ukYTgXRLs3XWhV4wNhfDVlxUMq4rXrCzQkPfhK0.uEtV4_qgaIH5wQhQvbvkUG0VyiD98.omUfEM8.lK7ac22YMWJPU4EBSzB3U9fVCeetkSJWBh_FvQ4bPidmUC; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gj3%2F1E49dcqUyNtkR61t8GesnTbKJcM%2FTeSS4FSDPq99uhvBBPBJXkBruRh63Ib6nlAaS1kRwHgiA8bKPoN%2F86yOfjl5BD%2FgbUsCnFFk03M6y8k7cg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046643cdb35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":174590,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"99388d47d1982024e2f2f097c808dee9","sha1":"277197d758908a3732f728a80c9048b3807db603","sha256":"74875b31d103f55d0c7d90e1c78d2173afe25299d470fce8a4b6343fe218a29c","sha512":"7e6a8080ce3447e1798e68f5e65726d16d3b7f68a9c244fa6bd0222d766f24097ca8321dcfdc1fd27d4f98f31ccf3d18e9dc352b1adc3651d371156b2c449c60","ssdeep":"3072:CSntruqJH6zGWJ1rTex7Yr1S0A5uZA//Cu6GkCf3ceozglZmcsC2JHSmZokIE:CShu6HiGWjrix6S0A4ZAXCu6xC0eoU7s","tlshash":"e204133a97c7451f0f2e65fd198d60348bb85843299c7b28d82ff16797d0be0b8c4a46","first_seen":"2026-02-24T14:23:51.320746Z","last_seen":"2026-02-26T17:03:57.983564Z","times_seen":4,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/406.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/406.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/456.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/456.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1061\r\nserver: cloudflare\r\nlast-modified: Sat, 09 Apr 2016 09:04:21 GMT\r\netag: \"2e222cce3e92d11:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=H7B1CDaVvGF40YPTipnZCMwCovU0y.rtq1tQfgS46qo-1772117638.1342106-1.0.1.1-_bAzY6jp.meDvOuprPTb9UmP_hvLOOOz1wsxRyMRhXY_KiV0QnqHSMttOShkSgImogD8RtPOdlijU1WnkMHySiHDjFEMBMTWs0oXy.WTtVC87sQCHjhHLtJCeYYZho_G; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OchzoIjs%2FqgIpbXeUP%2BGSXuceX4uFUzQYYRiWP7SfAN0E%2Brv1oJXH4FM74XctlfRdMK47%2By1eixOHLK0gI7ACutquPR0DlDfAAmeWUiKxsCgwpAR8%2BPn6yoryac%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046665e144c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"dc142b4286c2f4c542da122edb7851e9","sha1":"d20c2d8239843bf6425c414ddc5482e59a591a54","sha256":"0af21af658044292876f71a35dfe316b9dbef457850d6c671c617e06ec680da6","sha512":"d2c1775972d49129037507f0a17113ca9f42997707fbd705b018a87dd57bc4758b6942602fee3c9dfb2faee3baf26b174d16f4d6dbde638770625ea2a66467a1","ssdeep":"","tlshash":"6c1186d2bdf8302da5a8212bea435d95a591736526931844af59ea1c0307d48c487594","first_seen":"2023-11-25T15:41:35Z","last_seen":"2026-05-08T19:17:56.083287Z","times_seen":204,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:02.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:44 GMT","end":"Mon, 27 Apr 2026 08:36:43 GMT"},"fingerprint":{"sha1":"60:4D:15:F0:37:85:71:03:3A:5F:40:31:C7:D1:01:D3:83:25:3A:02","sha256":"67:C0:9E:02:17:D8:19:0D:DC:84:B7:81:9F:AA:72:31:D5:26:0D:A6:E0:AB:41:AD:C9:26:05:57:7C:19:35:3A"}}},"request":{"raw":"GET /gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Feb 2026 14:54:02 GMT\r\nexpires: Thu, 26 Feb 2026 14:54:02 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 26 Feb 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 125050\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":383074,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (25267)","md5":"51d980ed0519e3393b722f982c4a18ca","sha1":"f20e020835fd8b748c9b72fe55da4b9ed66eea31","sha256":"0b802ece8599be19c07c2b77ced60170b41b868d4cbe817e54ad9ed45cb6a9ee","sha512":"abf8767fbcb35823f058b50bd1c34b972ba5e2e25c46bac244bcc34afce1c36124737b66fa288971f8e53c5c82c2f03f1b4364d4eccb06f17aed74ce825da546","ssdeep":"6144:o95ukIVdclYZfJDbvGj8JLgoQ99orRUO+N8h14+c:o9BY+lYZfJPq8ON8v4p","tlshash":"c78429cdb7d6b46643a3a478403f014bb17a28e2b84cd894f186d8d42e70aae5177f7d","first_seen":"2026-02-26T14:54:53.726415Z","last_seen":"2026-02-26T14:54:53.726415Z","times_seen":1,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_fec0ce3fb838228909c143d4c2cd0907.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:02.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_fec0ce3fb838228909c143d4c2cd0907.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:54:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49090\r\nserver: cloudflare\r\nlast-modified: Sat, 23 Nov 2024 09:10:12 GMT\r\npriority: u=4,i=?0\r\netag: \"67419bf4-bfc2\"\r\nexpires: Thu, 05 Mar 2026 14:54:02 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=6GAZbQmqM31N7JXHaBFxFNoTnD5oFdKnk.7nFPp1Rf4-1772117642.5319834-1.0.1.1-MkJBUbNvFFBBNKu7OEPiyPP1iZCqeyfHMk3l8AqAZrI8RFhBjGjoQ7OemXTczstyKUHC8VBqEcszLIklvNE8T6MFBRIgi2_oqPJwh9xmiOPmnPd19YMd4a76xmewVTvl; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:24:02 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d72W%2BPz98iVejBmMnYjwgts1S6i3GcNFbWHU%2ByJZYvCw4JOPR2j3cmQNoTy4cuG6hO9VQKsZcbDpuZNudF8wODdGDOS69rHRV%2FILYgvVnV%2FevQqQJg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404681cc1335a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49090,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"554a6a60b6ffca448ba10b49245ef022","sha1":"ba0918260a1d0c6637a1aacbceb9e00ae51426f4","sha256":"072b206ca7103452a85057bb9b4e7cef928ab648bca6458ac244f8ef86be5d9b","sha512":"79847851f93587d1aea114fc35dbd63b6b3882e932bb5469240f4fc2f28a01a866e883ad3440cd0ea3c641210821304a34031889973a3c0d3d75df70982baef7","ssdeep":"768:F093GeFzB7B+3nq/0hWz3f2O8euie3REnwUuaXPdTBvETOP2x1RkILzP+81dzNI1:F0NjFzeachqJleBEwUTETOux1KQ28dZ2","tlshash":"e9230233c0f23a3c236f235e6f4f4be42998a54ec7a79158a8428737631f0944f995da","first_seen":"2026-02-24T14:23:51.345694Z","last_seen":"2026-06-06T23:43:56.099179Z","times_seen":37,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/localConf.json?v=1772117700000","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /localConf.json?v=1772117700000 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RHmWNKqqW0ZiepAXa2xTE%2FuOvB%2FeTwu9wa%2BKVEAY0lyYEhoWQ%2B2BDyAeJGAutVJOkdM4mFDyPgOXMvASuaxlxOgsCB4yT045Ftb%2F0u9Owx6O\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"1177-VN35mVLPmw+r2CmSgSUCavRXJAw\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40464fb894e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4471,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b406e9c7fcaf80e5ab91f27ea0f0294c","sha1":"54ddf99952cf9b0fabd829928125026af457240c","sha256":"a327cfe81199467e7773a331449db596ff5a5da012ace64d4ae1889c757bdf15","sha512":"50bb2149cb4177578ffd52d275d2f399922cf5dc4fe93ec9e32b840532d1dc7cbf148a136fc965a7e353fab249d5849f33dba3146a47b9f8053a574661b71f4d","ssdeep":"48:YuTyTbGhzyQnA8qA+9nIok/we+NPhwxbwPAjgCfk/wWp3Copi279lMFDQJSLhHan:xu2ByQA8qAHTwAsAjgCuE56szUn","tlshash":"7391cc9d31458cfec75eeac3788b679f3042811387982c06c27cef4c5676f19650a2ab","first_seen":"2025-12-24T22:39:16.189594Z","last_seen":"2026-06-03T04:20:31.881043Z","times_seen":82,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/if-defined-CWaLTnLW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"cff9-3CQS8BSHCmzdXT/mRzShI3Ky5mw\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8xjqIm%2B07WSkkKayXGg0eO0F%2BtnHyK%2FX7LHVyoslV9Gbrw2K2ZFJ8yIx0Ucqej9EPraN%2BHSgQLPhAy2sSjyqhersfyuP0ARiF0rFqWg4C9Xe\"}]}\r\ncf-ray: 9d4046560a84e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-06-06T21:30:11.633829Z","times_seen":639,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/ButtonWithAction-CMXROGdJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/ButtonWithAction-CMXROGdJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"10b-eXiXj8eKnnTH7LYARpecfsMqjug\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gOv9AwwSUQFbJeDjUIpx4c%2F25Lk6wMYCslnGZyx%2F%2BVKlH5v2LmnTqV%2FffwZpjkF47Hne2I4L8QF6OfW%2BmjZtFshKBsRpVFGjWiGJSv4NQS6Z\"}]}\r\ncf-ray: 9d404657db20e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"bf13c23ae777d4ece9a23dfcef5f8289","sha1":"7978978fc78a9e74c7ecb60046979c7ec32a8ee8","sha256":"19d6a58feecc49b55a1436e210bd8ca17e7780ef68dc2a3ca293af206cf4e296","sha512":"4c2c9eb3a48494f7983f30743d92ed973b84bffe515172c826831ebfa850de894088e30b0a294a845ba0ffb278d2853b40a5035198d4925c83482e2a33a3dc11","ssdeep":"","tlshash":"67d0950f98c1d2f503c1ff90512bc1112e16ada0f7e4c551c08d54543e3165ac42e637","first_seen":"2026-02-24T14:23:51.062944Z","last_seen":"2026-02-26T17:03:57.797516Z","times_seen":4,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/withPanelButton-h06qeZmb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/withPanelButton-h06qeZmb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/ButtonWithAction-CMXROGdJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"441-LWBOtd77nT3oKQgrlf/bFPUt0tI\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L3ntbsejHrPckLtihKaQUm7AK4yBOvteNk%2FBTO7PNoUiqriEOPedarHpN%2F3uqk%2BStTpw9BGbPi8z4hE19c3GOL0OhFxraibVHQUpvMjOJ%2Bml\"}]}\r\ncf-ray: 9d40465b6c82e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"dc9a073bc116168bb1ccb3db6362b167","sha1":"2d604eb5defb9d3de829082b95ffdb14f52dd2d2","sha256":"b2a956b6195a69a32dceb99f54f6ed7835b54ec4a5c855ca7bdedd26536e97b1","sha512":"05c7a6f302c209e94029ef151d80b3ee05d9d20e6398ec5a3515584fe9bdab6cc7a305803e23110d3233ef57f2925ace9d82d67f74be4b530563b2f9a809fa8b","ssdeep":"","tlshash":"5311fce5f584a9b2e0c41188577b2cb6759a32c9dce114d031b6c8ea5fa80489a1e9ae","first_seen":"2026-02-24T14:23:50.979064Z","last_seen":"2026-02-26T17:03:57.873198Z","times_seen":4,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/log-performance/v3","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"POST /log-performance/v3 HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 96\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":96,"data":"{\"logData\":\"{\\\"socket\\\":1256,\\\"register\\\":0,\\\"widget\\\":3355,\\\"script\\\":2174,\\\"download\\\":1181}\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-z7nl\r\naccess-control-allow-origin: https://m-galabet1123.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9d404662cea1e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"fda44910deb1a460be4ac5d56d61d837","sha1":"f6d0c643351580307b2eaa6a7560e76965496bc7","sha256":"933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9","sha512":"57dda9aa7c29f960cd7948a4e4567844d3289fa729e9e388e7f4edcbdf16bf6a94536598b4f9ff8942849f1f96bd3c00bc24a75e748a36fbf2a145f63bf904c1","ssdeep":"","tlshash":"0e3000000000000000000000000000000000000000000000300000000000000000000c","first_seen":"2023-04-06T02:18:46Z","last_seen":"2026-05-10T02:19:39.188302Z","times_seen":38514,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/assets/images/Tawky_16x16.svg","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/assets/images/Tawky_16x16.svg HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 29 Jul 2022 11:35:20 GMT\r\netag: W/\"383b2c032d2e683a6e0e929ba7a9c25d\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16676\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d4046695ff4e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16312,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"383b2c032d2e683a6e0e929ba7a9c25d","sha1":"245ba3df690e5743e3f73a0e62ae77d48c1d4c74","sha256":"982b9f89de8ddb517d81a1e199ded4cde7434a191c5ba01cd53bf7fb3822fa56","sha512":"8691ae5fc6e5d2ffe594c12543a84088743eb414acdd532de508a59d07eb39df19d9e32e1bdec69302a8f2495c653e500420e3fe6838c1434b9a9878c3d499cb","ssdeep":"384:kQ0CSXaXHFlHfLoM6x207TS13La1BEZbM9xnFKaagL:N0aTfLoMBNAjnEad","tlshash":"b772dbbb23acd1dcba1602a18d3d2ae33ae77cfb9282c548c1673d376406db4494c765","first_seen":"2023-05-08T21:15:27Z","last_seen":"2026-06-02T00:27:04.661388Z","times_seen":500,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:00.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:37:13 GMT","end":"Mon, 27 Apr 2026 08:37:12 GMT"},"fingerprint":{"sha1":"1D:B7:FF:F3:A7:EB:04:37:58:20:FF:70:42:4E:C5:27:15:FA:1E:C7","sha256":"CE:EC:8F:31:12:28:68:A1:3F:33:BC:6A:1F:2C:39:6D:D7:D2:B3:C1:C2:F9:18:2D:36:38:44:E9:CB:9C:88:A0"}}},"request":{"raw":"GET /recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2 HTTP/1.1\r\nHost: www.recaptcha.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 26 Feb 2026 14:54:00 GMT\r\ncontent-security-policy: script-src 'nonce-xPPw4dmjbcLGDqAMj-TYDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93010,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (47145)","md5":"d216774deaf0b736b0e2f53eb03dfc0b","sha1":"6a6feef5670f66f6ff971234dac520e5a001eb82","sha256":"f2d58b9b7c51f7b1f2cfc21e947dd76228e24a3cf6ccbc7cb7c81e3f917d28d7","sha512":"3aa69e3549afb98daf1ccd29ec5efb8e098f2f12615e8fbfca8d0ed71d40d05d98ef3ded89b7efce4686995f21a369cdd44b4eda99974f1f90536bdda0e44f61","ssdeep":"1536:y+kYLpcnFwbXHUPdqyHY2+tvMMvPNaYIlErf7MNh23prmoU8eANfa:y+kY6ySHY2+2uNaYdrTM723Bmn8lfa","tlshash":"06939e1955032089dfabced223c96f79e63e8215324354e923fe0787dd9ace6526d2cc","first_seen":"2026-02-26T14:54:53.73099Z","last_seen":"2026-02-26T14:54:53.73099Z","times_seen":1,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/translations/tur.json?v=1772117700000","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /translations/tur.json?v=1772117700000 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vvS8xdP7ld6vn0iB03%2Bs4UTs5Xgj4WKCAGPDBKyh04bcMODbxfpfSZ14z%2FKXrQ9eJZVdxfZS967TwRspS170T%2BrcuqEZjjfrpKv9DO70FLp2\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"30c65-htuOwqGOttnKHLeceXfLGttEfwg\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d404652d99fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":199781,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (63253), with no line terminators","md5":"7499d2c4cc10b630a7dcdf3675b6bbea","sha1":"daf386a5c150077370cb5dc388c45b06c2cff2c1","sha256":"a4911bafde6acbafcb7a903a8d376f401bd82dba417c1300fa9482023659b09d","sha512":"76b3005225473b90c68cf8e6db4f03861c861961c3c35edcc1d12662350b9d372d3910b4fcc2c1f14760d827db8f91cd2b2960f09b990a039bbc2284440160ce","ssdeep":"6144:6u+a3k6PQoW83TLEBfM7/k3pPkPk/KqdpVyKjscQz:b+Ak6I62PZvdpMz","tlshash":"2d144b01682e3cfd4ba107ca749aaeb674f62183d190d867ec9dc73d138c766916b9c8","first_seen":"2026-02-26T14:54:53.732101Z","last_seen":"2026-02-26T14:54:53.732101Z","times_seen":1,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Odometer.Dtmtuu8d.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Odometer.Dtmtuu8d.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"ac6-Ca9TICZiffJinxqYoEnujFAZRjE\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=76jhjbPM%2Bd%2Bk7lJ2Trf%2BAn5dXiFCKYBvl1Oqh2R1FdYT18MuDtZTP3AqzesjhIxjlVqrqVJuC3nP84AlPojpVgWKxTt3Ko7XvSQ%2BL2TZ1Ygc\"}]}\r\ncf-ray: 9d40465b3c51e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2758,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2757)","md5":"e60bd0b6b84d162ff84ef731b11ed036","sha1":"09af532026627df2629f1a98a049ee8c50194631","sha256":"8d2a9d2617a60055e91c6b16f4cabd14851836edec7bf90fc8760e1d31a39df3","sha512":"a85638b5f89d49c50da5f9dc0cfaceec033c45f524a51bbf266fe9cf67f9ce63ef157745964b9ab7c1811f8e2f2d2c5d6348efebe6818d6fa5beb8291e36c725","ssdeep":"","tlshash":"2451e1154f910364633a7906b5c81b51bfece5415223c58e7329a447cf83db9e398e1b","first_seen":"2025-05-18T15:21:59.195484Z","last_seen":"2026-06-07T06:35:51.628424Z","times_seen":250,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_9d7a3472a72a545588ee02e8633f0a2c.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_9d7a3472a72a545588ee02e8633f0a2c.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 24730\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:23 GMT\r\npriority: u=4,i=?0\r\netag: \"694014ef-609a\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=HsmghoYsbpzulnKdwlg5z_4Km9wIOYLzOUvVLdvmpnU-1772117637.6732786-1.0.1.1-YT8dy7XHcNu64JW3a9cmMVDwkkXqpQGcGan8uGWG6mwMPVUE2WBOHVvimu.NRGefNl991ostGiKJKrvwtunv.RPIlX2ch22xGgt18wbbucFBnbxozDRm3WgCYeKmbHXq; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=25c5V%2BQ%2FI13eEtHpsTsHziTyqVWs8pnfBQG%2F0eUddu1v98bWJMYttM9XbdYa3AsOjPf0i3Wb6laJ49erhgwyjzB%2FZDByutAXDVGaO6Yisli4RPB6uw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40466378c535a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":24730,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1a684d3e1bc93c1bd3a25d9983b83c43","sha1":"716d0144a9feb5a701d5eb48133f155c97a47946","sha256":"8b8e3b62b691c235c3aa5aa0ca6bd0eaea4a188271006aa9b8fdff49c9a06f94","sha512":"b66cfd7a78af400a5375c747bd08f6d230798eca3fb7fb7e623a10694901475ffacc21eb5c6edadbecb1234bb751d2c62f06eadc0192731abcb5422d13d18980","ssdeep":"384:pFhktnLa9HrvO+y3t9oDMTjRsENmQFyUzDm8kNRfxv/xvr5c8JPH+UlX:etLaZ/sPj3NmQ7ToRfx3lr5c8JPH+WX","tlshash":"f1b2f1045efc293755f843d01dfcee680e5441af12980c20814e77f9faa9a3ba81ea5a","first_seen":"2025-12-24T22:39:16.21561Z","last_seen":"2026-06-03T04:20:31.835501Z","times_seen":63,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/508.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/508.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/395.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/395.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1660\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 07:25:33 GMT\r\netag: \"7236d817296dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sun, 22 Mar 2026 10:26:07 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 534470\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=D1.uOB0kTh0R743wGEuMdNv9fCB39OyUu2OgHMHXdtc-1772117638.1625254-1.0.1.1-CSQbq6gXPF5VJT9Tqi2CmnmDWGUp5pLRlthqKuJRcMHgjs.TrDoU_slO9quYuk_6mFyhUzdddXVD7j34MMg7WKfl47e1jmdBjsRMvysVun2L_xV8gEVRywt_UopSwAjl; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fMzGjOOaNICowI%2F4MPQ96e3wxac0iv2kW1zlwuMcvF%2B7Bho%2FiMpNkD%2FthOx3AGPuLDjTYYgnFbFpJdwUQsWfzPBAMyfECcGn4wTXoQGDLiHm0zoRHr80KvbWfCQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046668f3d4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"f4a3b310319ed2ae5f85de6f9259caed","sha1":"f0401b7ba86e03deee5260b17fadc26036e4fb6b","sha256":"42ab1bfd61a2009272bbad6a2f59f7c17f5043e4345eb73ac93fede514f06aba","sha512":"a507f234ed64a600dabcb1f9d1db6e6d7e956150db2e850bffc3569d23ea31dd7beffc293aefafffa8081660f0828c7466a0d809066cd1b5db548b3360801cb6","ssdeep":"","tlshash":"1831f8e57c64d1fffe0e39a3a81c43c6d3735b9a99a28b569e70c8f5506d4885312431","first_seen":"2023-05-16T07:21:41Z","last_seen":"2026-05-22T06:52:51.960612Z","times_seen":543,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:02.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Feb 2026 19:28:29 GMT","end":"Fri, 22 May 2026 20:28:25 GMT"},"fingerprint":{"sha1":"36:C6:D1:CA:01:47:A4:1B:73:8E:62:DB:CB:24:79:4D:06:01:3B:B5","sha256":"11:41:34:A5:A1:10:2F:10:C6:7F:8A:F2:77:75:66:AA:39:99:F9:E7:00:8D:1E:EE:4E:30:42:B7:A3:82:28:31"}}},"request":{"raw":"GET /p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:54:02 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9d404682daed49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":697,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"cebc7667967e601f02df39ba19712d86","sha1":"c7d3677008d76115cc41ba1b734aad112c743dbf","sha256":"089867e58a1de5998b0d74b779119d8a30fe54616ea3ce76063a5530163febea","sha512":"80a26888852e4a15ef49580494958b710628b404f4026c5b218daa918280b24a8f2fcc698ac49ee66c6e9b91954c54f5f296abfd4645d71cc32c83d4ba199378","ssdeep":"","tlshash":"2b01c07d5b86312454f634906b2bbb4a743b12be5c535808848d0414a3a8bafa21add8","first_seen":"2025-12-24T22:39:16.348988Z","last_seen":"2026-05-22T17:22:58.055376Z","times_seen":51,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":30,"dns":6,"connect":1,"send":0,"wait":42,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index.es-B9MYE6-3.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index.es-B9MYE6-3.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/WagmiConf-DcRD12Of.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"48144-WeOErzKLy+DHzlJSZ5nisPERz7Q\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qWNY4jGDmzdTcwpg5mULJPUC%2FwU0r4wKtjf4dDh%2FjoQD%2FZztqpDXHSCNHsWe%2BQnTgiyqMoqXYgFIRAuY6iTChwCKmsTifFsxBSiOAXACQq2K\"}]}\r\ncf-ray: 9d404655ea76e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49514)","md5":"a71206a48931c8ca241fd0483be9917b","sha1":"59e384af328bcbe0c7ce52526799e2b0f111cfb4","sha256":"4fc8231f3b89b71260c8ee9fd5a048df864e54f3e54f968fa3bf7f795c8d73dc","sha512":"e35fd45c940d6d6898583f6f9a0582034184f1a392fa74f9fe38e9be216d64c27db00d61de5e9d2dfa06c8a137f911000103f9bc2e4452a39be41745f27501e3","ssdeep":"3072:fzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UGh:fz77jdU/7sJJMcvYisoljSFN1Nd6UGh","tlshash":"3b54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","first_seen":"2026-02-24T14:23:51.310714Z","last_seen":"2026-02-26T17:03:57.86364Z","times_seen":4,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/events-Bn7gRKKo.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/events-Bn7gRKKo.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index.es-B9MYE6-3.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"17fd-tS/3I7ybaX1JRyB4J25+x9y/+PQ\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xNJJr4XwW8CXWzdW0EnueAiqwQk4VOwGF2FbIRY2qan6Kfz9ZJdFcaV6HtIiTln%2F37aGo6cChC%2BLg7SeAZBr43vlkQ6jMF8ZKPAa5XHXeyY9\"}]}\r\ncf-ray: 9d40465b2c4ae0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"090be51e82542a30e21e332ca13babfc","sha1":"b52ff723bc9b697d49472078276e7ec7dcbff8f4","sha256":"75312eb0c62a763d09fc4297b47a9432ff15df3e82e2398247716855e7d21583","sha512":"b8b9804b08e0ca7f898643e26e9277b1273e6a53b8a6dfc29f97ca560c5d4f91e23527d7120989911d65fdb3cfa467ddb2ae4986cd90f6adeff0cb8e406d66a1","ssdeep":"96:Pd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:P3IM2sWMtBq6n3PzH","tlshash":"27c143ccb38578b013e7d3abb07f520bf134a598740c5108b61aecf9696bd9a4126b78","first_seen":"2026-02-24T14:23:51.051447Z","last_seen":"2026-02-26T17:03:57.746676Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/getLiveGameAdditionalInfo-wT1MfhKJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-wT1MfhKJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"47e-rGhFPxKkcT4wt/6F5CTbuyZv+3A\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D0TQ%2BA4T1%2FPu7uf7FepH%2BqcM5APCbIhK2B0ttMdT6c5gCdrqmPG%2BTjG7%2BQjDGCECHQJ%2BOzvTrHfRGkbhTmPlToS7a7vmwRxAUZQcDhZgFbZw\"}]}\r\ncf-ray: 9d40465e4d71e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"8bb6d48e0059b4a0993ea7f2f68ad297","sha1":"ac68453f12a4713e30b7fe85e424dbbb266ffb70","sha256":"7f7d09c366f8afbb43e1439ce81afcdaf76f9f8d9aab83a3338c7b13e18e944f","sha512":"ff5ff2ccf22ad1c8f7d89b02340c0352025c54b019538a2633b759e620a36526188ed63dfc4dbecccdff53d6f723d2814e679da801fa29843fabb2e223625c19","ssdeep":"","tlshash":"aa2144b2606e92bbe5c94d945ab01b31e2b5ba05380445ccbb3cc9191877480a7e203a","first_seen":"2026-02-24T14:23:51.176176Z","last_seen":"2026-02-26T17:03:57.783484Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-26T14:53:53.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nx-powered-by: Express\r\nx-cache: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=53C0wmE1d%2BP2%2BTovrQdfcqRf0u9CQ4X0311FwHwqa%2FcR4OFCi4cwsEyNNI%2Belrt7VvoawJsWnYDre5HarKzuwbdNYvDh5j94t6H4lmwClgtO\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d4046485ff13483-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11923,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (371)","md5":"aeb52fd3254239ae79a6bf0a42aec177","sha1":"42b1570e023b713b2aa8edb87bc3b04b019b56f8","sha256":"8b0dfd73975b77241163da05069229634bf67e22fc4f7b490fcb72f3d09f7f26","sha512":"f12822c3e5fc6806fb8ccfc913ec82a66f1afbf6cf904f93615f1d7bf6c69b372f23108bcc4bb019d5676c5ed1eb97efa7df31a0138c99706d77e81e57a24d74","ssdeep":"192:EAcaDNTFx46K0ChiQeBIRws5JLyVZurJEpO2rKqmx0OPSE0g1QECNzieRpL:EIBTFx4709IRx5nrOrdxU1QxL","tlshash":"e232824ba5a2b4351313607a6bd7f0083b22a1079904fc947d9e47d81fc5399d2bbafb","first_seen":"2026-02-26T14:54:53.73922Z","last_seen":"2026-02-26T14:54:53.73922Z","times_seen":1,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":37,"dns":6,"connect":8,"send":0,"wait":123,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GoogleAnalyticsTracking-DmBvxHyZ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-DmBvxHyZ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3588-+3Qi3GVO+LuMi8G1QnpVfRZLfw8\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G%2Bg7e2ms%2FUQ7WfPZMuo05cepOXtPbTtT%2F7Cz8V4paqH04qtpIRqihpWC1yAtidrDSbTwNk3fon5uezESW6IZy4mRFX%2FGXjyP9QbEM7pM9ttH\"}]}\r\ncf-ray: 9d404657eb24e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":13704,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10208)","md5":"8cd4ae15064f7954689f3a7849a73b53","sha1":"fb7422dc654ef8bb8c8bc1b5427a557d164b7f0f","sha256":"243564d221706adbe127ee98e3bceb0859347bb88ebafd4c342e67e1d1609b6b","sha512":"546ce01ea7b40447f0a0ae6bc1b4eebcb7d349bde18015cbc22a079eaa3d219a0f4585413a77ddd79127711a864164951fa124040f10b930ca774a14f9b368d5","ssdeep":"192:bfWWYceR0SE+m/CTb3bHXCT76hoxGE0VK7D6L7kBNrnPWh52Lz2PM7mBE:jLYcoE/CzCIEP3Byy2PdBE","tlshash":"1152b55c32adb0b682df6054487f720bf1755910a458f480a265edf46ef8caf026bf36","first_seen":"2026-02-24T14:23:51.075102Z","last_seen":"2026-02-26T17:03:57.730432Z","times_seen":4,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 628\r\ncf-ray: 9d40465fec598a18-ARN\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfaRKjj98wG78-Q94g8ciN3whHfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=1019+1 c=0+1 v=2025.6.1 l=628 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":628,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"07a8ca43077147f4b93899efbe31ed8d","sha1":"bb87180866adc635991e4867c8222fc4387331ba","sha256":"b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89","sha512":"6d9a2235c65c224e78bd78025eacb630cca9bc9c4a838fd540de031cca2e8c442460eae186359cb98dcb1f1eb867414c6b5b77c78a2f3e1be6f6f36b254111c4","ssdeep":"","tlshash":"90f062be0d21c29ae04842881a0c6c5da472a9b9fb4424c4eaa5f7a67c0319433a54b0","first_seen":"2024-06-15T18:00:08Z","last_seen":"2026-06-08T09:35:28.577918Z","times_seen":2279,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index.6hr6LgI6.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index.6hr6LgI6.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"4e4-6s/qza/fhzjzJcukzZNSutKCmk0\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RUT81GsFVfj%2BardTN6c7fmnzX2aU4zFNEqGWkbfds6vXCIM3PstiXoN9w0i2ao%2BECowDU0o8Ur7boTZSgJiyZ9tu%2FU%2Fgz9KOOfpChwUMqBMV\"}]}\r\ncf-ray: 9d4046614e44e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1251)","md5":"d03ad7d634db584e4aed770123954f9b","sha1":"eacfeacdafdf8738f325cba4cd9352bad2829a4d","sha256":"7dc01c1d9e89862143b3c4cc81a2255e63cdb8412bf7421061819919fc2c6bf5","sha512":"e4641ddc5f100aec535f0f87f4b4cf617ff4fe450de4ed993b3681bec62023646689f9f12edc7b03c4dbf21e0b98081e4e8dd5b0b0a13970fd25946f953bde37","ssdeep":"","tlshash":"f0218ad7190b14feba73a6bf454346ebe5238c5bce63114ab6c21729c4827a2422245c","first_seen":"2025-10-29T09:08:38.623149Z","last_seen":"2026-06-08T11:36:24.390416Z","times_seen":1241,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_7a00a9ba3ed19ed581ac0d151250f19c.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:03.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_7a00a9ba3ed19ed581ac0d151250f19c.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:54:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 149710\r\nserver: cloudflare\r\nlast-modified: Wed, 18 Feb 2026 11:22:48 GMT\r\npriority: u=4,i=?0\r\netag: \"6995a108-248ce\"\r\nexpires: Thu, 05 Mar 2026 14:54:03 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=MwmK3DnsqD6WhYP2NRjvDdElRkENAvxADz.nS55hb10-1772117643.0685356-1.0.1.1-v6qDjPg3q6xerb_918tygWpYh48f6VHMmWM8m6xbHpSEaMdEUECfx4QWO4cVUJ1CJzGBaVTOwNhxwpGktm.PGLpv5ASd277D9lhAC0lfNi2hT6jT1T94fe9DVqzzavmJ; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:24:03 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZT4p29ciLCT2KobvsD9VJLPH0US5wL7o7RSmwltRl0Bb9uDv9jEfohmaxtGhDy2qJmXnzfbBaznWTsvoT%2Fv0AXPNnLTImLzy3GMHdXpQYOhwRjKZkA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046852dba35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":149710,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4bd3b06b62de9f54f88de72e421482f6","sha1":"800cc09c853c7b79b30b368e1620a4b3c1d0c006","sha256":"f7ef74951567cb4af32eaa15aa9ab19facb45cf8ab31c5de1fd6905ce5e3bfd3","sha512":"ceff09e932f0f56c87a6532c4a14db3725760502c76e80a4f563ad0728ad6a1e84125047e9063558b466dccec6689f99e680c20a2afcfedaff168b2d539a2cf5","ssdeep":"3072:dNgHge7Ttktg1bCH+QcD0SZd+7JNblkag7fymaY/6h:dYge7TatOvDSJ10ymaY/I","tlshash":"68e312720224b71997d93bac586c188c888b7d892bfa87fbb3bc5d059741046491b3ff","first_seen":"2026-02-24T14:23:51.322196Z","last_seen":"2026-02-26T17:03:57.857502Z","times_seen":4,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":46,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/bubble-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/bubble-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: W/\"ce7c2f1d3256f84d0760bd9f400963fc\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16508\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465e2d65e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23063,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (23017)","md5":"ce7c2f1d3256f84d0760bd9f400963fc","sha1":"1375bb0f0223b374f9805cb441970de2cb004591","sha256":"ff92cac16c5ea67e7df480d38f6fd806385a85e69d13da5317ceb3acc469af62","sha512":"3f33f2cf811797404a3bdd12ab6af60b5356bdd577c82e8a97ad7d4cf81dcd1b24bf87c1256e175a6ae6f44d0d2f9c9daf8c29316bc60b370288f98e78e5716e","ssdeep":"384:Wgfco+ziLwH0Lg26/tFTiBB6TXngxYe4fbFU3xi7Ur3K:B+ziLwH0Lg261F2BBCXrsr3K","tlshash":"efa2dbf5e47b10d87363c02293d4f2685499f370ca8adea1f52b661c49e52763682efc","first_seen":"2025-04-29T09:54:46.086393Z","last_seen":"2026-06-08T12:51:50.341082Z","times_seen":34593,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_9ebd89d4b7e272eb1d283c8014d5776d.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_9ebd89d4b7e272eb1d283c8014d5776d.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 37486\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Oct 2025 08:37:47 GMT\r\npriority: u=4,i=?0\r\netag: \"68f2005b-926e\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=G_f9k8ycsjyR54Zl9564ouI2ATH8Mi819BrHSbiutRg-1772117637.261554-1.0.1.1-bWmDZ6HJRCepy.nVTNw47e1S37fk2uFCVlX17tDKPyOuN9VdiotPadOB0Xmrt959xBmRMikqQxUbLuBagqyU8U30ewmPyEmylUreDqT6KEdK74WJvZXWH45cQzxNzLzf; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VBwx%2FAKcBnD3niyuiAMENtyYOTqLpHq0DPdX3R63mjPb1WP6m8VXdhCRI7AlgEnfwIS6XHOSy8HVZOEPvEqot%2BghABeauzZ7m9MRMRH8m5SC8apqyw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404660dc5035a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":37486,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9ac9c7309c1e3ad08e40dd34bc454d67","sha1":"b54c720aa9b62e91c1e00db7ae81d10eb9c927e4","sha256":"640800f3344f29c8b95ceb80f1f18aac2f2ffe62262bb82011568b4bc67d64b2","sha512":"d1a2159808eff2f6b9fd0072bdeceb566cd349518779f82a9166afb4a5c879c2fc51c523794341a33e9e5d784bb0a5a9ea0294e9e07c5d575819ef951b69aaf8","ssdeep":"768:IcaczNfC9tDfLhOgCk2HVAtL8VWbxJbOL6Cew4fxNpT8hxuK:Icac58zLcLkuGbqWCe75jwPuK","tlshash":"16f2e14fb3792174723d7d8b686cacbf6a473215b6bc1c4e44b37121a697f3819268c2","first_seen":"2025-12-24T22:39:16.389829Z","last_seen":"2026-06-06T23:43:56.102638Z","times_seen":13,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","date":"2026-02-26T14:54:00.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42575\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 22:48:21 GMT\r\nexpires: Wed, 24 Feb 2027 22:48:21 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 24 Feb 2026 17:02:26 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 144339\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83366,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8081059d17280404e9332246fc61aacc","sha1":"823f6b420459aac94b143cc67663dbe5779d78f7","sha256":"b0f795bf7d49effab5126f24fa1929587751db252a83bfb5b108212dd3a2f45e","sha512":"6469dbdcc103bf04dd5293bf2c6ad59ffa434d825b2432379a5aca6dcd381bcf5f8cfff0a6830179cc646e282f51382586f88116dc4652590e16c4c19437d1d3","ssdeep":"1536:k7Rpgh9C9ToL9gTNfWNfK4RxNDldthXwW5l1Dx7:k7ArC9ULiTYNC4RXLX1","tlshash":"e3838e7338913a1afc2b8b616196bdfdf21cc923e5515bfaa5497a20c3cb0978213747","first_seen":"2026-02-25T19:48:53.039074Z","last_seen":"2026-04-08T03:49:47.871246Z","times_seen":7269,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/languages/en.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/languages/en.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"4662c7c182dfe30065936bfa05f8c773\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465418934435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11595,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4662c7c182dfe30065936bfa05f8c773","sha1":"d1f155c335c31be5947ef8ebf82be1eee2782fc2","sha256":"2d2d85dfc80ec4f42d12bea574d59879d269b5c06557cf888367fbfa9036fe47","sha512":"abd2530371ef02602814b0bed360225c0530615c5db002d61511bca5e8cda0d8da2bd288631ee02da5fbf952b31bd4380284dcd56838277b52654f7d13dc6229","ssdeep":"192:wmr65/bLHzPrquLUVid+BCzfF+npqpe9svKGC6KEt1aZwf1E:fCbLHzxUVid+BEfF+np59L3Zwfi","tlshash":"ed323169ce504ea702d29646399f35437624829b1f54342eb78c91ac0f8ec6fa1f77ce","first_seen":"2025-06-18T04:11:24.033166Z","last_seen":"2026-05-27T07:42:34.836287Z","times_seen":49915,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoGame-9WoCdzkb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/CasinoGame-9WoCdzkb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/AiPromotedGamesWidget-DayfNQl4.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1711-3g/7tiv5gKanaT0XABGV8MoCUA0\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7DGJHTj%2F0hWwhIWcWiazfJFelxe%2BCIL6GbC2ANzbQjlTxGSC0GiuvxRSdv28NSPB%2B6n10e8%2BF34xFp%2BNYUaQ0phQzY%2BzJ8D7zjpv45MZScHh\"}]}\r\ncf-ray: 9d40465dbd51e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":5905,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5630)","md5":"9394597a4dd6f86f5e43d734a073d194","sha1":"de0ffbb62bf980a6a7693d17001195f0ca02500d","sha256":"3d3c7b4dbc38c7c892cd346771c606bfbcc9ccf8d621bc8f4396ac7eb76a7227","sha512":"9c17ba1fbc81d094106907fd547a69faf5febd87bc4c795dad206094a9d355c27d89cdba231a68f340c25d1bd1821343fedce2a70308c9ceb3aa63883383a323","ssdeep":"96:jx1BM8Xcl/jL5p8u+m+9Z87/ORx2CZZ9Lm7nxT+xmZ97vaycesDa+e:V1BMJl/jPIm+k7jKq7nxKx005e","tlshash":"f7c18504e014efbdb8360cca986f202978191fa2de198565f47da839367c11db627bdf","first_seen":"2026-02-24T14:23:51.033613Z","last_seen":"2026-02-26T17:03:57.889854Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SliderMarket-CiXvKW3i.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/SliderMarket-CiXvKW3i.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"4fd-xF9+NuV39qOFjH+xfBQrUxfHpww\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zy0YJAYLDt6s7mHIgmmJV0sEHUnNDmqUMsZYmU8a1TvAVVHX1WHfE5038v4XTUrmukQphvOYvfMeEmljjQUbNiH5tKcTbdSGdf%2Bb8Z4bPNhE\"}]}\r\ncf-ray: 9d40465e2d63e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1277,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1276)","md5":"a35dee8833cc3474941c8ae9f42ab0d0","sha1":"c45f7e36e577f6a3858c7fb17c142b5317c7a70c","sha256":"4e199e3e49aa35595c65e4b71e7f7afeab3c7136689cc49166647cb309090206","sha512":"e990db021995ea83acd1e1e9669e3b1b254c29951d151d0aa8ae905c94c41c9b4d81890245dad72d344d34a888022948803d8941e73b41e0fa73fea2406c7ef9","ssdeep":"","tlshash":"0421404af120e5b0326a8cccc034272230352aa2dbb4e2c1e1afc7111f38259f71eb16","first_seen":"2026-02-25T02:34:32.612974Z","last_seen":"2026-02-26T17:03:57.930846Z","times_seen":3,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FavoriteGamesContent-BWhyATt4.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-BWhyATt4.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"ac3-8yWCTrNLVrF3D4CWPHctjyMyETM\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DMXeX5ve25mecJBRU%2B52vQwviBsXIWtHVqIPjod8IkFECR2WrdN%2FBiJp1Ev0pGqUjAfEhyF9gCsvyIQNdNISN4ZYH85nsBNE6VIktJswqQt9\"}]}\r\ncf-ray: 9d4046615e47e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2755,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1704)","md5":"520492d6f1f44fba5d1f5afca843fae8","sha1":"f325824eb34b56b1770f80963c772d8f23321133","sha256":"c7d7349a97d49fe38ecb60e29f790b95bc64e28929fcaf25d26507769c95df54","sha512":"5e4491318fc800e80ae25f817e14c02f4787708539b9ef5ae96597170f432fe6a924209bbd0450631434b4c53d711a93ed68c09cca99a30f893e60eb80d54508","ssdeep":"","tlshash":"5151c51140415ff8bb9e5eda2e27c064196a438ca286c17da87c4f3e3818640713bffa","first_seen":"2026-02-24T14:23:50.928734Z","last_seen":"2026-02-26T17:03:57.788556Z","times_seen":4,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api.js?render=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:59.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:37:13 GMT","end":"Mon, 27 Apr 2026 08:37:12 GMT"},"fingerprint":{"sha1":"1D:B7:FF:F3:A7:EB:04:37:58:20:FF:70:42:4E:C5:27:15:FA:1E:C7","sha256":"CE:EC:8F:31:12:28:68:A1:3F:33:BC:6A:1F:2C:39:6D:D7:D2:B3:C1:C2:F9:18:2D:36:38:44:E9:CB:9C:88:A0"}}},"request":{"raw":"GET /recaptcha/api.js?render=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ HTTP/1.1\r\nHost: www.recaptcha.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Thu, 26 Feb 2026 14:53:59 GMT\r\ndate: Thu, 26 Feb 2026 14:53:59 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1054,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1054), with no line terminators","md5":"efb36ea213c503be7335c4a384a422c9","sha1":"ebe0551c40e4f788ef7c8f4c1a71555d3ef3c630","sha256":"ec2aa95ab136705fc63d35438499ad8c86af1f1a48d3e8d34936d29f72745bf7","sha512":"957665016446d19c9f132b76b4b47ec4c06f88acf70c972d649344d99600865c01f79769cf98b3806545b9d32152a803e303a4b299a3ab5b0b3d4d31df06e5cf","ssdeep":"","tlshash":"aa111fb21708a0394b321de1a2ffd7b5e482701cf15845e8a512ead82f7edd7ce05945","first_seen":"2026-02-26T14:54:53.747705Z","last_seen":"2026-02-27T17:06:15.668461Z","times_seen":3,"resource_available":true,"data":null}},"time_used":301,"timings":{"blocked":114,"dns":25,"connect":29,"send":0,"wait":48,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index.es-B9MYE6-3.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index.es-B9MYE6-3.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"48144-WeOErzKLy+DHzlJSZ5nisPERz7Q\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m1uk%2BktTLSrI%2F%2BwQ7mcKKc%2Ffip2%2FykPi7EQ04GE8dJcBSjH%2Ft%2B72zsPh47BoGXQgcNmbmGRUeHQeuggBHzTsQ95%2F8lFozYBztthK%2FnXS2rA2\"}]}\r\ncf-ray: 9d404655ea6fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49514)","md5":"a71206a48931c8ca241fd0483be9917b","sha1":"59e384af328bcbe0c7ce52526799e2b0f111cfb4","sha256":"4fc8231f3b89b71260c8ee9fd5a048df864e54f3e54f968fa3bf7f795c8d73dc","sha512":"e35fd45c940d6d6898583f6f9a0582034184f1a392fa74f9fe38e9be216d64c27db00d61de5e9d2dfa06c8a137f911000103f9bc2e4452a39be41745f27501e3","ssdeep":"3072:fzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UGh:fz77jdU/7sJJMcvYisoljSFN1Nd6UGh","tlshash":"3b54fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","first_seen":"2026-02-24T14:23:51.310714Z","last_seen":"2026-02-26T17:03:57.86364Z","times_seen":4,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"172.67.157.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 08 Feb 2026 19:47:04 GMT","end":"Sat, 09 May 2026 20:45:41 GMT"},"fingerprint":{"sha1":"5F:A1:45:1D:4B:B7:61:A8:B4:5F:25:27:8B:2E:35:9F:B2:AE:4E:72","sha256":"80:69:5A:6E:C6:E7:5E:F3:BF:B1:27:9B:EC:BD:81:46:6D:C9:B0:59:00:CC:90:C4:6D:BC:45:CE:D4:38:E5:01"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NP%2FPlOEC3ndeA5s6KSbei61s943tgTzuTG2dQKALbRBPTc%2FJSXe44mIPUFlq%2BJYgO48empUWkm2kJK5hDyFFRrwolX3Iha6bDq4SC7GrzYO%2FCyf5mqE%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9d404657edb0be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2821,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ed84599d293d187c97aa6f88754332ce","sha1":"f950f5294b5fa13bd1c3950e5cb28b1a2ee241fc","sha256":"599500c94c302ac02594dd87a6652eb51a9f45042f0fc5fc2bd2f3935f8fab81","sha512":"d94fbe4938b707b2595582d942cfd27ada4874b5be459851f77dc5371f705af81eada3ddc170697813c2657a8404f1303b8777279f716eef4ebe08fdce284cd7","ssdeep":"","tlshash":"71514f3646b21421436710683babf31ab23ad2433689e9447edd93005f85f68d9b3bde","first_seen":"2026-02-24T14:23:51.260409Z","last_seen":"2026-06-03T04:20:31.871571Z","times_seen":60,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":143,"dns":75,"connect":11,"send":0,"wait":83,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GoogleTagManagerTracking-D0YNYPoP.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-D0YNYPoP.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3dae-TqkZmkmHKEAfsC/Hqfm1cF1+lvs\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=igNBTVYOPsn7B8bLd%2FAgi%2BwCST2nmiMw%2B5euhWJua2S8nRONK6lv6vbg48yiLiSKl59gb78qPIv0h0T%2F15lTjBw3HJEQvPNq0VbhJiMN2Twa\"}]}\r\ncf-ray: 9d404657db12e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":15790,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14494)","md5":"7ba959810d4a9f7754c1811a32e116a2","sha1":"4ea9199a498728401fb02fc7a9f9b5705d7e96fb","sha256":"e3cd4a119c74e94648e229b1ccf657d25f63b948059b222f30a4adf5187c091d","sha512":"2ab8952eb3f12b16f8c4ea3d244d4da7d41281c83bf2a36a1a7b2a741c6ef5ad977478d3ca25cc1fbdbd8b60c91df2ab09096f4788a82d5af08b5ee30f5cf545","ssdeep":"384:oT5rzmJK7O+CQsGPsR9W+/kyMVVrkfknk/k9ktg7riGw7DUe:WrQiO+FQR97/kyMniKCuJ3SYe","tlshash":"f36295d7faa558a0b0bd4de81f9281c23ab1b56af58144707c7e3c0c6378e0af19596d","first_seen":"2026-02-24T14:23:51.041512Z","last_seen":"2026-02-26T17:03:57.813524Z","times_seen":4,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/gameDataProcessing-DtSnCvbE.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/gameDataProcessing-DtSnCvbE.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"4382-u41P2DOupfN44r9IUa6Bn4qW8sc\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yN1otyURNAqEwTWpRAmX1i5K66fIEOkcaxeCKrkDbdnj%2F4AJR%2Bo3mRtW3pdVLE8TKrtXsqojJ51BjfnhAOMCxL3ZHhCHOL8YYuLcIZOSg9lV\"}]}\r\ncf-ray: 9d40465b4c65e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":17282,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17281)","md5":"dcecb2abe07ee9dcecc6f662e238bc7f","sha1":"bb8d4fd833aea5f378e2bf4851ae819f8a96f2c7","sha256":"c5a8f4dbc771b4c88e6f971277095f148539bb64a22ac65dfda70aafa878b60c","sha512":"8c7ec6fe241f990bbfddfdf77be07986ab02525eedebc159e614b1c19988df95932d3b1d854f3fa73b3077d14215f91339822ab543e09cbe89b47adccff7cd27","ssdeep":"384:WwphrrZxhxlVz12awqhvT7vsB4Pzendc0aw5K4A1nV:WCpt7ve8Q/AX1nV","tlshash":"0972750b8a024c52c97e4639c0aa15f1b9781b32e8b8cdd11a655c7afb5fa5b31e1738","first_seen":"2026-02-24T14:23:51.212877Z","last_seen":"2026-02-26T17:03:57.951321Z","times_seen":4,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/gameDataProcessing-DtSnCvbE.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/gameDataProcessing-DtSnCvbE.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"4382-u41P2DOupfN44r9IUa6Bn4qW8sc\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=whX2cqfSGDZuiAJYZd9WkYUxaxOaKYy9WLyjCrsqRhASuV5lH112mBmeyrr09PrlhgxlY6nyM6GjbkDA6Ugms8rzssMy0%2BA0i2uroQdcJPGS\"}]}\r\ncf-ray: 9d40465e4d6ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":17282,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17281)","md5":"dcecb2abe07ee9dcecc6f662e238bc7f","sha1":"bb8d4fd833aea5f378e2bf4851ae819f8a96f2c7","sha256":"c5a8f4dbc771b4c88e6f971277095f148539bb64a22ac65dfda70aafa878b60c","sha512":"8c7ec6fe241f990bbfddfdf77be07986ab02525eedebc159e614b1c19988df95932d3b1d854f3fa73b3077d14215f91339822ab543e09cbe89b47adccff7cd27","ssdeep":"384:WwphrrZxhxlVz12awqhvT7vsB4Pzendc0aw5K4A1nV:WCpt7ve8Q/AX1nV","tlshash":"0972750b8a024c52c97e4639c0aa15f1b9781b32e8b8cdd11a655c7afb5fa5b31e1738","first_seen":"2026-02-24T14:23:51.212877Z","last_seen":"2026-02-26T17:03:57.951321Z","times_seen":4,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/394.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/394.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 916\r\nserver: cloudflare\r\nlast-modified: Thu, 07 Nov 2024 08:42:16 GMT\r\netag: \"f872c2f2f030db1:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sun, 22 Mar 2026 10:26:07 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 534471\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=Fq5C2wPbuT6vdAudy0hyrEkOmX3Q0pdhBjd3bYSnJAc-1772117638.1580608-1.0.1.1-GYzM2k9fdv0C95on5KL4CO97E8zwDvcPL.T8eI_TvdkNlBxC0_Sa3lQDGJndGdNaixsCpH6J.rnaj_DaWSLrXF_bKRBpYO0RzMk7rzeFwF3eUNfl4VCi4DirfcsdkRrG; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cX8TyfEoHwomSLSXWoNxm3WtwYJJ7iAKaYT3L6NvpMDPC2Ti1j6PDE5x2GWJincSCYltBHSIgax6C6UXfQQ9DzYNmApDYCcFXA0O8YmFcYRF6Co34XXpOeFSWMY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f124c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"737fb19a08ae1d731bedd5fc8264e4dd","sha1":"6e3cf0e7c217e8346857210d23f036011b4fa00a","sha256":"57810209eed114e8483f454fac0d630e02d7f6f1e0d54f9b103626aeb5506570","sha512":"99e05107acb190015478dab6800a7980ce9f44db949122e2e2c74b9b253b9b10f6a57839a6e03b9842db972e99b8608be64278ec7310c70a615557b436bbadcc","ssdeep":"","tlshash":"551184e2127899becc3a36f42255d300a2d474fe98536e04783087440549ab34185392","first_seen":"2024-12-25T02:52:53.605729Z","last_seen":"2026-03-18T12:31:46.554253Z","times_seen":385,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/header.json?v=02/17/2026-15:58","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /header.json?v=02/17/2026-15:58 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HKD6kUyImKasiy71qs43nD0SNM%2FT4RlgTh2zE%2BLrbZCviXI3uTna2SKUvbg7%2BrdinB0yNgUr1fLyAFnmByCeQ3yWTfXqhmbTv4j7Yjcy2f%2Fb\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"e1-o5bX8SfuIDtHHxp+UHGEMY50Fj0\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046571ac9e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4fbc119c5c8514e3587fdfa01f205866","sha1":"a396d7f127ee203b471f1a7e507184318e74163d","sha256":"10279aa2fbd66a0c0140d4b4cf9a39b0c9bd14b18bb35f1bd6eb26eab355b9d9","sha512":"9eef97111b2474b705b496860ecd29c7c591ddcb79887d755e5ea7bcf2d578a68bbecdc54ce4f11954f679ff2b8b5cf060da8cd4287a78a1fc3a92fdfc6125b7","ssdeep":"","tlshash":"cdd0a73aec10da7073a0c413c18067801140e514d644485c9cddea5a93dd7891180b67","first_seen":"2025-12-24T22:39:16.192168Z","last_seen":"2026-06-03T04:20:31.884146Z","times_seen":75,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Info.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Info.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=OJPoKDPI2Y4A_L6elwfXoaGH.LKHSqmPiOfVnSpGcyQ-1772117635.8091204-1.0.1.1-fDq94ExnYbRk3wF5Io8dzV99vZ0B3fKO6MABoXvL56bnX5FKHWoiUbsRfHZRPrYDOLJR30xxZdeMyZwq1fliTTyBXH65p71WqQ8_PgapYBODK6GiCDD2THEVcIRI6dtd; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=So1e2PkNBWLWlYcoKX2GlJI3fY7wXUngdSOSaD3wEsThTadpw%2FL0Lki5Ck6aLnjS%2BiImF0KVXJ2yJz76vdyUcaG0oo0tAid6VNAlfVj5%2BMe9YZOZuw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270e2-1bc\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657cb144c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":444,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"64a19d948a311d44a85ed7a0cef3e5cd","sha1":"1822d828ac00f2c60ee66a2c9acf5c84dcc7a962","sha256":"038925d678f609d6307e50af1575af63018358c6c100599ec118de6bca31334d","sha512":"4cf650a02c477a06f907ec26c15777cc0b651ddd6e95d890e5d4dd880fdf4458504415332280efe72b091ebdbd8844c60fcd0a2e7bd9bea4ded7c6dc47de8d92","ssdeep":"","tlshash":"fdf0e528953096bccfae22ff911828a2200f642bc87e1575e23d938c5f1b81492e8c19","first_seen":"2025-12-24T22:39:16.23478Z","last_seen":"2026-03-04T19:25:33.595252Z","times_seen":6,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":72,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-E_Qw-LwW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-E_Qw-LwW.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"173c-gZvawifXu22PBlRooPZe1ml9MTI\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RRSTsjG53%2BIL1GvM3WDHHxEUMuPwVbtNZ3hbX61iuVs8e%2Fqi8ZpTE%2BX%2BJcnp2ptuHVZCxTEuXGGpWRluYZT0dQ3CHaWjgad5%2FsoXF3YyW5oG\"}]}\r\ncf-ray: 9d404657cb0ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"9a5934fdbf3896c23908942c6ec28e8c","sha1":"819bdac227d7bb6d8f065468a0f65ed6697d3132","sha256":"83fa3f48a7e001a7d28471b096a8806e83653854e7aeeb15c4dd979cf31ef3a4","sha512":"5cc79da26050a6c76f22fedbe2e38373849eb51337ed406c5d035935c348268dbd172717a209a97b8388223f9c8dce07018b7ccdfa043716b518ebe1fc61663e","ssdeep":"96:q1SCtCFV0h7FhpokS73sjlsv2InwLRiTvHUgAaQKFJ0FdWpA6u6PEDdxrOq+IHWE:J0ljijHvN0FdIuSEDdxP+Vj8Eu","tlshash":"ebc1a65631907534c6d204a6914f82aeef3e7638f00f50a0b23f9c6d3ba1115daa3ebd","first_seen":"2026-02-24T14:23:51.109809Z","last_seen":"2026-02-26T17:03:57.724952Z","times_seen":4,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DisabledMarketEvent-h1nKsvD1.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-h1nKsvD1.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"980-yamny25TsjAicdaEPHvlc8BbJJw\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N8PcU5jg%2FSfV68sgSgsFYV0kvBkM%2FqrA1DO7v2sUxVLbpCnV1vdke9zK7HGDWjXgckoGYRZQLv1QekGTxmBsTwejpjmUk95%2FngHlSqn0Lb3%2B\"}]}\r\ncf-ray: 9d40465b4c63e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2431)","md5":"cafa2204750e6c428d8d41b6352c085d","sha1":"c9a9a7cb6e53b2302271d6843c7be573c05b249c","sha256":"24de6c529bd7bdafa022cf861a72397ca443c76bfa60e98475c9bbaa32d2ecf3","sha512":"1cf092dccfc5de91708958ba521a58df056c8d34bb1b490e1e12418e6775872817a2e9be50f976b8a0de0f97b09043a52096b7df9b425a86c5d4d384a37efc14","ssdeep":"","tlshash":"df415469e3a0fb7d653608dcd33f1a2a740906b1eb650992d07e0c3d1a1814e751ef9d","first_seen":"2026-02-24T14:23:51.276124Z","last_seen":"2026-02-26T17:03:57.830269Z","times_seen":4,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/292.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/292.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1410\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Apr 2018 17:42:50 GMT\r\netag: \"166e10d65d8d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sat, 28 Mar 2026 01:14:30 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 49167\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=GYZ2agYr6kR0OXzIX4nel7tQC9vIbQrxKns.wdetieU-1772117638.1330252-1.0.1.1-OshPKFfdpxqrHKrGs6Gh3XcxNTJqVGDvYOE1Ekbg8RNSPoz6pUE7qYSrLsJbmiQWPN2FtHSv37MkemNJXWiOD.PbEE5YmuJfQVVSxmR4BMUoAwTqaghbMKL2ldY6Kjna; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=56V0beXJehOF9EBFN9cv%2Fy%2Fd%2FQ4sunn%2FVSkS%2Bq8zDYo0dt1rA5GgRYzdeldlWHjMstokrHjMs3p%2F2yd86PgdVPoZp9mCPq8LhU%2FnhMGg1Sod5QDlxgrUtKgU30o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046665dfa4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1410,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"b7b911a17fbfcdd38252cd954cc196e7","sha1":"cd87b2fb8a31209aca52863035d4fb13367f5d20","sha256":"d814a31b6d2af3bc9d2e71095bfca1cf6a4e037a0593679480e556edee7e1b08","sha512":"245e884549ff39fc582002589b348963c43dc9a815e1ad16ab142abbf5e2b9497cf35f76020765962ba041c232bf49efecded275d27287540ee9b929259e30a3","ssdeep":"","tlshash":"742108c8032864ecf92f8b5d226ec0a4c76513fd23b030d83081fca261029c84ae88ce","first_seen":"2024-08-19T17:43:20.936919Z","last_seen":"2026-05-30T18:23:45.181246Z","times_seen":35,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/v1/projects/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/settings","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.164.239.145","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:02.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segment.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:3F:7C:B8:04:2E:CD:A4:E1:F1:8C:5D:DB:17:18:85:E6:C0:E9:98","sha256":"18:9C:5C:43:17:4C:C1:EA:72:5A:8E:DD:37:64:4C:DF:83:99:F4:51:8E:85:20:61:7F:A0:40:01:DC:6F:65:43"}}},"request":{"raw":"GET /v1/projects/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/settings HTTP/1.1\r\nHost: cdn.segment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 740\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Tue, 17 Feb 2026 05:37:14 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: wSQ7leGkMZEupC3bQNtebP5w7SuPxS7K\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Thu, 26 Feb 2026 14:54:02 GMT\r\ncache-control: public, max-age=120\r\netag: \"556e2fef94fd6cbe6ed83771f215828c\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ec47ad650ce8b90cf8852923bd4f4320.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: sIJK7c-nR0JLz9fNRvhzDdd58QbgWXXWSi-VP2nvGxhjrKpD0yAVqA==\r\nage: 117\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":740,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"556e2fef94fd6cbe6ed83771f215828c","sha1":"01d1ec8eb30db250cd96b175514a47442b8e29c1","sha256":"02e42c6d7678511fc5d27402ef5fbc93d015c9ce4f87d6f856cdaba0056ee45a","sha512":"3281558a218b65e59837390bb0ee260ea85303158b7adcb745237adf93631d33d64a786ed480cc60908f6f6c7cda9a10581ce44c457a4bff204f1879a4b232ba","ssdeep":"","tlshash":"2e01c0cd3420b1b38d4a8b23c9197d037ef58878198a653054be6b4c00badad03dada3","first_seen":"2026-02-24T14:23:51.349331Z","last_seen":"2026-02-26T17:03:57.974607Z","times_seen":4,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":43,"dns":0,"connect":8,"send":0,"wait":39,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/walletConnect-CiycSUBb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"7ce-4NL9XQUE1X1LJPUYsilS0smIp/4\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ofe2yvJ3xSde6cggDxsm2sernpiq5Qvoo7nfvBspg4o6R4oP0dAtqZR23i9bPWvEj7v2xouPMU28SqjKEckaFCikOj5E3l6B1tdqTF8j3hEM\"}]}\r\ncf-ray: 9d40465429eae0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-06-06T21:30:11.623634Z","times_seen":1659,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SystemBetCalculatorContainer-BmSNbe1d.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-BmSNbe1d.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"378-C6Zo3ldTKpnUnpq0AXY/6IvtP7c\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zf4BvsnHyQoUrt54JKPr0defO7QqqwtP7F1EQUvKXOXYZLExKRu9V4r5VGvfeE%2F8WnwU08qBZGDP77O5zlLb7gCf19WTscaE5%2BICd2igY0F4\"}]}\r\ncf-ray: 9d404657baf2e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":888,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (544)","md5":"690145235a675d77bd5d22c88fdecc1e","sha1":"0ba668de57532a99d49e9ab401763fe88bed3fb7","sha256":"de4489e163ab1a989441ebac43016178c8c04ab7a9915ca5bd58da750b0c8caf","sha512":"e788679931673924ed51a6cf036cf5edfce7f1c8f4d6c13f36176b4400cc89b91e51b0355acd38c7706775f1569c52f84f6f21a06bb9369eeca5ea85a3957593","ssdeep":"","tlshash":"a1119c539718ce75848a0f660945a0541db54618a918f668b6e58c3cf51408387fffbb","first_seen":"2026-02-24T14:23:51.314888Z","last_seen":"2026-02-26T17:03:57.912547Z","times_seen":4,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-media/storage/medias/galabet10/media_751_609aa2021173dbc7867be74ac403fadb.png","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_609aa2021173dbc7867be74ac403fadb.png HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 2609\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 23 Aug 2023 05:40:21 GMT\r\netag: \"64e59bc5-a31\"\r\nexpires: Sun, 24 Feb 2036 14:53:56 GMT\r\naccept-ranges: bytes\r\nage: 596636\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=jkSpyClDIngwBnuVI7g7RjRRYiXZvCCAY_juTclsyVs-1772117636-1.0.1.1-Y_LYvkSleyaorAFbXKsZifObXY_3GKCQXymLHfZ3SlXhLITO_hxw8CasMpNy01kN3eL0y7Gg1flHuMiILNQj5_0vyZPyhGPYn1Q7OAkUrVo; path=/; expires=Thu, 26-Feb-26 15:23:56 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V356No5I0X%2FFcym4iEMuNyZ2oubP4Ok5oCWwhf3IsHv2M49Khji2LIUS9I3NXW%2BuRTqKQ7a%2BaZFaOJv3jYcnFtvkIUQEDS01EccAPs2SOSvv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d40465b1c44e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"7081c9d3ea2a6fa19a82d1f725a61d11","sha1":"3c161f97bafb034eb192b0ef890a5f2e4b3d39cb","sha256":"61390467d0ee7bf0ac7253d9128af3b18943ddc4effe0ef415b1d0ab9e4da2d1","sha512":"0c2e13235adef124de8c8fef5009e25cd362690a5865db9e3ac68b80d9bc4f6e30f13880416a42206ea81cd932ca17912a2bfeee7ade6f647b0c00f46b376a39","ssdeep":"","tlshash":"ab511cf531120e38d6a470339d16dec67804b445c4afc416f992eb2d3da61a478cbdb9","first_seen":"2025-12-24T22:39:15.996531Z","last_seen":"2026-06-06T23:43:56.124757Z","times_seen":54,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GameSuggestedEventsWidget-C1YjPNkk.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-C1YjPNkk.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/DataspotTracking-BGnsxVvd.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"e8e-Os1anBER2O3YZQKJmZxNEEaJ5jM\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M2cVXDCk6wwYI4aqvRfmRp630IHerKTssvrPHpXz8wyHSN%2FMbKvmmaiKhgCTuV4N3BrjWUv5X5XAOmhlXtute3gl%2BmxFokJ8YwV3d22k%2BNST\"}]}\r\ncf-ray: 9d40465bccb8e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":3726,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3725)","md5":"43787a45f5cfe74078cbc565e4521f6d","sha1":"3acd5a9c1111d8edd8650289999c4d104689e633","sha256":"cd5da6dea240ba73bfe9cc022b7d9453583f2101b409e94833a3aae12cec1a1f","sha512":"090bda22324787190a13f5acbea2eceaad19784af2d260ac172a2927898e787ecdfacf87d12a74f6ab5fbf3b8b2cd2e18a9d8c970aec4dba4dbd4c7e5eb443aa","ssdeep":"","tlshash":"7071e74ae010aa39a13740d82bef3219153632b4b94353c1b63fca7123f55926b5bbdf","first_seen":"2026-02-24T14:23:51.248389Z","last_seen":"2026-02-26T17:03:57.756743Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_81708316ae460e2d7c097fe8bfca6077.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_81708316ae460e2d7c097fe8bfca6077.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39974\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:35 GMT\r\npriority: u=4,i=?0\r\netag: \"694014fb-9c26\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=46WXdUJYI911PIQMRfOHghD9kl.IHKRFw6EOrEndk3I-1772117637.6743233-1.0.1.1-yfpbQkSeJZh2ffPe.qcBxmz3Inn8X.EZ0UqmtKZLR8Os_5RSD4KpgsmWrHVfvyIuHMcSLbSE4bvr2LELHbUdPR1.pbjzqkd.0fTyR0B8ovsrpVwmVm06XELRB_xMj2.h; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AbReCCmYSJ3Nbq441MCsaEn6WFZdBn0MRZGyzREw004GEAvtuatwA4AqZIQQHtVo15GMrg7VdigvafO7XWQilR8dsfN59FQplr9fAg%2FxylpYAzzaAw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40466378d535a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":39974,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"86013b42eae428e11372f049516b7ff9","sha1":"225a913e812a35bbd292b3316c359967757f3801","sha256":"e55c587494457c03fdc8be31a70077cbab07905855cdf253454ab76b7b069271","sha512":"524cd729a736a3cea55239e8a2cc8d1434bda345dc35a6e663552ba59db3be7adb4419ed21cfda32a1468a0dd735e910482186438c6cc119f70064e1d854771b","ssdeep":"768:IEmoxuaqs5NSF/H1M1photHZYN+MeKRlSGifuJvy2UbLWIKp8mkx+:xdxuUgFm1pmHOsMHlSms2P8mkx+","tlshash":"790302a130ad0760f79a56ebb11d8d3a91167fc149be3c782c780c5cf379fe64658650","first_seen":"2025-12-24T22:39:16.381848Z","last_seen":"2026-06-03T04:20:31.952385Z","times_seen":63,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/webworker.js?hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","date":"2026-02-26T14:54:00.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:37:13 GMT","end":"Mon, 27 Apr 2026 08:37:12 GMT"},"fingerprint":{"sha1":"1D:B7:FF:F3:A7:EB:04:37:58:20:FF:70:42:4E:C5:27:15:FA:1E:C7","sha256":"CE:EC:8F:31:12:28:68:A1:3F:33:BC:6A:1F:2C:39:6D:D7:D2:B3:C1:C2:F9:18:2D:36:38:44:E9:CB:9C:88:A0"}}},"request":{"raw":"GET /recaptcha/api2/webworker.js?hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54 HTTP/1.1\r\nHost: www.recaptcha.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Thu, 26 Feb 2026 14:54:00 GMT\r\ndate: Thu, 26 Feb 2026 14:54:00 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: same-site\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"0dc610372a954697374871dd1fa2862c","sha1":"b57b88fbd3353544efa8fbbefa27b2d8c83ee734","sha256":"a4540eea14e982adb5de2c5d14c1c175cd088a66b28f61f99d4b785dbbfa6d6d","sha512":"913eb0cfe4dbd8ec7ddcc68f4c3ac8c993d032645347377e0206090e19c05394a630f68711f897af91e8bba04e64663a67a2afb2ff47a2b86baf606c86bbf097","ssdeep":"","tlshash":"21b012371650cc2c0d000542d62793ace0434228e65081f8617d2fe812141735001d10","first_seen":"2026-02-25T19:48:53.042109Z","last_seen":"2026-04-08T03:49:47.864479Z","times_seen":6867,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/custom.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /custom.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:53 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"4468-ZESovElxZOGjxoB0wPUqlNZPl68\"\r\ncontent-encoding: br\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qadXWEhV2Diaq1opTM3DzdIl8Tq%2FVPKo33njSKhayfFG9PvGxsn3tMvMulATA9Al%2FGKgS%2B5rryQuGPESGk5Q2d23qFR8dlFcME5i3SBSzxeo\"}]}\r\ncf-ray: 9d40464a2f1ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17512,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"741b7cd90b7cd424ad0398fb6fe8bf7d","sha1":"80a5432576df3683b308a9f324fd4af1b411b90a","sha256":"00a82043b8355ad2a5108b951b7381610663a316af7c0282b182b50d5f357143","sha512":"d1c30de5f1a3a9a8eb4931633e5ccdca464dc2794eec42f6c9278aab6d40fc38d239f5e80af794edf3bd51245478a3e794add9618074241e029295ce9716b4e8","ssdeep":"192:52SyYVVLN2Ns2hamJqKbEiExkouE20i62UYx6lY9qywNqVh4P02pHnNrXoV8ICNP:wYUrhaJRW6bLpHr5p","tlshash":"d472a553fae31999716b8198666bb3fc7e7d404387099d787b94b3748f837e28031a48","first_seen":"2026-02-24T14:23:51.451664Z","last_seen":"2026-02-26T17:03:57.892159Z","times_seen":4,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/TvGames.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/TvGames.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=YaQMXcGEI4X9VjRF3Ug1vSrSuJaQFeMZZLSe_dZDzjI-1772117635.7973971-1.0.1.1-L8TJlhnVeQB0tuENKwQB041lCFwM_7b9c0PrVD332Jp7BsSYpLrsM04VFOpvKmVlxXK4y_KBD1wxSyTl1emYbxkH4duGHrpYKoPZaty8PRjjv8R1Z2Fm3d9x9u4eIeCb; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LM%2BAbVsxT5NTX%2Fq2vm3H1jQW6SQTaoDc4hiCAyW209kyWlX31tp5HkV6WG4iYy7036KJG3lfzrvzu%2FBLJdIo5Y1AamE9EPqIRXTrba4qWepyoP2JQw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270a7-c81\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657bac54c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3201,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8cb4d739571507bd6cd3b25a15163537","sha1":"f8061ea6ba5d599b463f5f146b407b0f6fbe4bfe","sha256":"3b2f15bcef3e58ac040feea4d073d42f18e48bb6f399c4f9f89845931f87085c","sha512":"38862ca5d9bb144dfa4b9c0568f05439e788848d45f8891fe508570322d34200ecb0e3f70dd9f1e8ae5659ae3333fe154d439e797c556ee94fbf88f47ddc3cb3","ssdeep":"","tlshash":"41619c87ff3089e04a7c5f99af6840d76689c05dcf731118b23c643e5af7d5884ac9a9","first_seen":"2025-07-08T10:50:27.694177Z","last_seen":"2026-06-08T11:36:24.492839Z","times_seen":498,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Tooltip-CV9gl-ox.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Tooltip-CV9gl-ox.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"334-Ak77TyGB79Nf97CZbjUX2xIDkdY\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9i%2BtiRHQIOH0zTnQe7J8HxA%2FG%2FCvyvbrkwQJ2%2FGmz%2FZEHL6Vi3MLI8dFNbrYqzC6pxT95UzxAA%2BW2%2B50spBqEsDOB92upddowqFkykN1FzRh\"}]}\r\ncf-ray: 9d40465dbd50e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":820,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (819)","md5":"c664a5ff794ec2d4923355276efa0494","sha1":"024efb4f2181efd35ff7b0996e3517db120391d6","sha256":"0544e8134a6142b6b1562ae0ed7f436c4432371c51bd27b2d4ef7787dded9749","sha512":"7e3e1f83336d26f2e7024b35825c268d4ada8b770e4a4bbfab2b2d7d160dcea410b775fcab5f563b66fb1767aca1fa53e891581c14e489fc1529c703f82cf51a","ssdeep":"","tlshash":"1201f646e032fbf4e17754db142d966d7253266cbe2f58f0a038058f0ae4984d317b8a","first_seen":"2026-02-24T14:23:51.012578Z","last_seen":"2026-02-26T17:03:57.835687Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SliderMarket-CiXvKW3i.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/SliderMarket-CiXvKW3i.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"4fd-xF9+NuV39qOFjH+xfBQrUxfHpww\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5GHSg98FLbEWhfKqOPdX4d5S4YJuCmYddVjuRMn8OJuWkHhzdXCjZxJLeO8AhelcN2iuik2CXXXvcrtNqt%2FHtBbxczNJzvJeRgAGbOMmQ4FR\"}]}\r\ncf-ray: 9d40465e1d5ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1277,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1276)","md5":"a35dee8833cc3474941c8ae9f42ab0d0","sha1":"c45f7e36e577f6a3858c7fb17c142b5317c7a70c","sha256":"4e199e3e49aa35595c65e4b71e7f7afeab3c7136689cc49166647cb309090206","sha512":"e990db021995ea83acd1e1e9669e3b1b254c29951d151d0aa8ae905c94c41c9b4d81890245dad72d344d34a888022948803d8941e73b41e0fa73fea2406c7ef9","ssdeep":"","tlshash":"0421404af120e5b0326a8cccc034272230352aa2dbb4e2c1e1afc7111f38259f71eb16","first_seen":"2026-02-25T02:34:32.612974Z","last_seen":"2026-02-26T17:03:57.930846Z","times_seen":3,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_c372c2b09b76d984de01cd2413db3fa9.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_c372c2b09b76d984de01cd2413db3fa9.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 25320\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:58 GMT\r\npriority: u=4,i=?0\r\netag: \"69401512-62e8\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=hCPXZc5S.4L2rS7e.A.udWm8LGNC_Ps6NThB1BjKues-1772117637.6776323-1.0.1.1-0B9XZkwTH.tIOr7mILjVX75Z3D3vHCdlJcdSckxumrHIjBak1PvcWJyNNOOYrsUf3YKWXvsOlAID9goR7Oh.COKzTW6Ak0.spCmFP4RYITgN0RtwMser384AV0kkBsUN; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DgDUxaDV5n%2BOCgLWWEk7V93E6676mgiDkWgUQbbW6qqdj9JZry6RQZJpcaUSARxuJDw5CTTtf8siOSHNXI5AyRicDxoaVpgwksAh1PeaJeNEmc8m5A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40466378f435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":25320,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"acc869e91de526af3cc37efa5e7cd714","sha1":"96a65c3c5c64e544be0a75f42e7578147811db69","sha256":"57b2bd8ba04c5fc5617770502b74fbcbe449dbb22377f04e8042147dcc5da51b","sha512":"d35b2e9c750078007a66162e0b7956edb0b85f33f4e5fdaa25c83b7a4bbbb8e7540ff6eaa60d012ba904f0254bf0d35ac531b422eaa44763a785f64f01442722","ssdeep":"384:2AJyeaoQmlt01QNg7DPEqZK5Ud6nw4Gw+Ma8iASXoK41z+I/gYbz0n89B/EV:ZyeaoQmlS1BL6uwLHSYK41+Hc0nce","tlshash":"82b2f1b0154ab6d3708548666c0d3e9017ce8f5034ae0bf4789020229765f5fe4cfb9a","first_seen":"2025-12-24T22:39:16.063814Z","last_seen":"2026-06-03T04:20:31.844925Z","times_seen":63,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/lodash-BtsIEKKa.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/lodash-BtsIEKKa.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"28638-levksTw/7ZT3AoNV3Eni1s4AOI4\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CxGU3KpoEGV9wwJbNb%2Fq4qaBL7b6JKoTL7yMWG9rdu7%2BEDIzeLNDVuppWE6R2B4MJPanu%2FbLuwooS5%2BLQKcDVAjoo9I4ta9UsSe8WeP6PyVo\"}]}\r\ncf-ray: 9d40464d8816e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":165432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35494)","md5":"5bc7777b8892642f23cd66c6e8d340d5","sha1":"95ebe4b13c3fed94f7028355dc49e2d6ce00388e","sha256":"b63e578e7a1623b8704017a97c4c4a2fc9893e75cacb4036d7a44e0c4130d890","sha512":"7055ad31472662e8b5c146095854ace0e9c9ba9da557bc6fdb31cf77082a158465dd5eb9144c3c16209bf8feb546b15556aaa0449a60365430434c01913f7031","ssdeep":"1536:KR0fO7acP1TyOF/Lkj1hvbm5889266e0YRbIfY47ePu3nVd7oa+i5DnIp6EvIjLv:KScPuV/87IQ4Xn6sjLeN551tQr9M/q","tlshash":"74f3a0c835d3f4a283a7287440bf084bf23dad65a84cc554e1aae0dd7db8919c277e6d","first_seen":"2026-02-24T14:23:50.996294Z","last_seen":"2026-02-26T17:03:57.824337Z","times_seen":4,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Popular.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Popular.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=L1uLtdk2mPQ_t5PrkYp.bDXhY2WaZyQ_UFxGgeRDZQg-1772117635.791616-1.0.1.1-t_KqVsU7Chl1eeYlzvZAri9P2nZWfq_ZudaxODT9gEVUAUIf2OHmIhacNl02Cpc9JbnDsiysTYz_TrOM7xAaWvLDJUogja8AC5Vg7JAHuKmAEf.O5rDP7LvFx3vM3Gdo; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2FQxOtFLyLs%2BxY07UE5sSCWMp4tnyvGjbl4Tme67QS9zo%2FXd5h0cwEvrCw%2F3i6Y9KcXS%2FxZkc6GiCTSaCjwULz%2FzY3zQsQ9p4tWVDieS4m79aKRZPw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"6862713b-6b3\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657ba8f4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1715,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c5f467071e8144988f2ffda2539a7fc1","sha1":"8a2e6953f7f16e38d2c4fa1273ddc217cd623d5f","sha256":"c8979e47d3d8b0c74956b41914c9b7628b362e6013d9f040fce1ea2219e64857","sha512":"1e58d1f9a594b6d9b0e3968c137216904a37abef225ebf00b88d6764df8c8ff0226f5f6307a23e48944071bdc36ed786297968db893be66cf7ddca778015e6c3","ssdeep":"","tlshash":"463110e8da56ebf43c54a30ef7386cf13157085b78d38224052f1e8a23dd519afa8862","first_seen":"2025-10-26T18:38:27.855792Z","last_seen":"2026-05-14T23:49:57.482171Z","times_seen":63,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Firebase-DDwvASrY.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Firebase-DDwvASrY.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1487f-/z5cCqa8JLUxtPY4ZG1J440v5IY\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=La%2BUI5moPMATbFyqwIPU98wXGqBr6K%2Fzb8VwsYQvwGu0x8o7pDURWY0%2FkhUHCGD3pE6RmTKX4A0Tto0MXSkxUGHHHVxmTb5ewj%2FdPRMOJ8Kx\"}]}\r\ncf-ray: 9d404657db19e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"7481cf9dd3ef4629e43999506ee69229","sha1":"ff3e5c0aa6bc24b531b4f638646d49e38d2fe486","sha256":"5dddd0ca4c525657b36e3b4310620f8e3a581c1465be6f5c21c7d32ff6f6200c","sha512":"4f04b6e31a72b4a72c9fba82a07bcb57365c400ced0fc7a49f453812edcf2a3d36da72936d9f2d5f38c08e2ef99d82c5313d827e582591f7f8ecd7f18d29cf59","ssdeep":"1536:V4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Vs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"3883957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-02-24T14:23:51.31641Z","last_seen":"2026-02-26T17:03:57.82728Z","times_seen":4,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/BetConstruct-Icons.DLLrZMEM.woff2?k1tr20","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/BetConstruct-Icons.DLLrZMEM.woff2?k1tr20 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index.BJU6hB4z.css\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 410880\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"64500-TXRJNW/eGQbudfa5Ph04QnpdL4A\"\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GsruoyUjCTsXzXp0MA0l3WLAyv9IocYKHf7OcwBSC4YNM6rorrEF04uJ5rW4RY7oK3u21UNENxQBA7SQyp8g%2FxPZTUacysXQTYoCt3faqLwl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d404657fb2ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":410880,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 410880, version 1.0","md5":"50333f7bf6e57f74cfc4bad94b8a3919","sha1":"4d7449356fde1906ee75f6b93e1d38427a5d2f80","sha256":"38f81389d54f3960e7415972e6c29452f3d1e855f3789c9f36c3d3fcfaf3c477","sha512":"10a55137d6af7da3f66c8533f83143a64a9a1edf449720206d3cb53f417baabe0d4d8f40d58bc0f167c1ae5dc6adbce66fab27b2aacb2b8d65619425b7db47c2","ssdeep":"12288:q1c9gPSuZsDVyj9vyLzUU1ZLK9wG9OAAwic:X8SiCzXDLZDZc","tlshash":"4f942308d64d945db9f1bc30247cca91af8b4a6454e71166cfb34caa3378d0b2ad9cbd","first_seen":"2026-02-24T14:23:51.305322Z","last_seen":"2026-05-19T08:20:26.275015Z","times_seen":49,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/488.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/488.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 870\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 06:34:39 GMT\r\netag: \"c11f3efb216dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=rLV4ZltvWPO8MgI5X9v4wZ3obpx9PONUlvnelmZNY8U-1772117638.1562295-1.0.1.1-eSG7l7tve7mvTZuAmWwQvUrylD0b27YBD_2bUigsp23u1sHFR6bn24bbrnmHc4_ap_2i_5oNZxjpzJMcY1RCTqgni_vcssmYtvGUipkLY87JQI.qVNHkYxoEP3DlQrVG; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h0obDi5KDVTnEcuc8rOFczACZrpwjNOFPAgj5s0jS5K5MobUB0YONSRDNs4C6q4n%2Bv7J9%2FriDy2oUuiBOMFzKtoCGNZMzEzpSb%2BZ2haGWXTn4tpVkuNz4iYWYNU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667efa4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":870,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"f5511afb415428d77ecc6396f6222ee3","sha1":"40f9588739d70bc2c4cf57058b5c1b85607ac6dc","sha256":"9e16de42bbc863e883f37118036d9b1a309e35383d830b51c0f5eb870b41d0dd","sha512":"a015af5058b327558bf325c0c03a17d3111c5e30209cb01ed644db9b2ee7072ac295dfcabdc69f8d6b496289be50b9cf302298cb70ae9c4f9fa3e81d776e5db1","ssdeep":"","tlshash":"5f1196e25401e03f115c983ae84f042c492f756142e16a492529c06a1a1c5bc9751f52","first_seen":"2023-11-07T09:35:11Z","last_seen":"2026-05-10T14:37:17.278412Z","times_seen":257,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-nSKS2CxE.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-nSKS2CxE.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"35fd8-2G7tdjadMtACtmpJfgrzIcNerEE\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=62SjJ1td2bOCNugzJiNx%2FC3CERIgCfsJaI6qbFP5H4eRAaIU336xdPo5PsOFeYLz78ZU4tBi5fa5aRZ9jmbQ6Y73s4L2cu9i1UbE4eyFKK%2FT\"}]}\r\ncf-ray: 9d40465429e5e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"37c4c49a4145406837780bbb7247a394","sha1":"d86eed76369d32d002b66a497e0af321c35eac41","sha256":"b6c086f2a21e2899b76a9393b869eb8a6703f59eeda23f3d5fd5971673288ea0","sha512":"b9f970a925bd992a373a452ffef7869ebfac3e8770a1587c932a88435d4c2131e18236af156b0aedd5da7a9cb77ea64b0397d783b5898b2efbdea01f249858c4","ssdeep":"6144:YfeL9y0h4R78o8e4YQIALoh6wj9Sd51jjVvFahIRcDGRD6On:YmJy0h4R78o8e4YN/j9e5xahIFROQ","tlshash":"23240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-02-24T14:23:51.32626Z","last_seen":"2026-02-26T17:03:57.796635Z","times_seen":4,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/AppSettingsButton-B9Bfk5lt.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/AppSettingsButton-B9Bfk5lt.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"181-Q3sDKsT6bx9KhAS1P7rrjvAVpyk\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5tia3fiFLurzgbD9gdwYiNDvUaN2KnGUSdf3J0EYBsjGWb0Ouavl8sE6KY70XH%2FYVzvHY6MLf4APn%2Bac7Mg4ONqu0uLEYm26JL7UOb0lvF8E\"}]}\r\ncf-ray: 9d404657db1ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"11b72d538039debad23018d55f70656a","sha1":"437b032ac4fa6f1f4a8404b53fbaeb8ef015a729","sha256":"c4f26646d48d997669963b81485af4a66a84c589c5005fa9aac7e81ce4151bd9","sha512":"a558a63166c1c05cd1f781fbe1e412559881d4e502a5768961783da4cedf90ccdb34d072f0921cc027c35bdc157f9fca17973d2e5617b1eae1ffcf1e7ec37c79","ssdeep":"","tlshash":"aae0c08b90c2d3fa03d27fd1c51fc2057e1bac78d394da4180fd90617ab4182d55e66b","first_seen":"2026-02-24T14:23:50.9912Z","last_seen":"2026-02-26T17:03:57.902053Z","times_seen":4,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/JackpotPoolsWidgetContainer.DoUbVjzV.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer.DoUbVjzV.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1d21-bImIu7+rQEAP29Qa5bsu0gv6VDI\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8y7px9JNMd0Tkp7FmbYcsgBiB2DogyzWmjALcbBG%2B4LudWewA0YyFtIhCvkRdc9Mue736JawSOd1Lh0XMCX%2BYimBhmR0tv%2F3aNhY3Eqs5Ikh\"}]}\r\ncf-ray: 9d40465b3c54e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7456)","md5":"b90af3e11165ff40fd58becc1cca61d3","sha1":"6c8988bbbfab40400fdbd41ae5bb2ed20bfa5432","sha256":"ded84bb781964937636899c5fb033300e5bd6f038aad273ce986c6fb94d28421","sha512":"2ea7dd30ba216ac1890d730f6d45dce027259e2bf392015a29fc8a2048189bc7d2dd2862278c4ae51b0892232e0bcb75a9b5eb00203b97cca5f7e737c58cecf6","ssdeep":"96:Xnxo6ZIBmmohvoDxTTFQPHf9bzsV/bV/YgV/FxV/QV/OV/tV/IV/EVSVqV0VOVBn:XnX1Xx3erZg+qTPy5","tlshash":"eef1621352ab73ac6eee6937a170e75c7b3c083dc3131599adaf124a4d9aef1061871c","first_seen":"2026-02-24T14:23:51.32831Z","last_seen":"2026-05-17T23:41:09.67949Z","times_seen":6,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/AiPromotedGamesWidget-DayfNQl4.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/AiPromotedGamesWidget-DayfNQl4.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"7b0-UpA+U4UCwg8bnUlj9ahgB+a3loA\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EByrNdgu5luygFTYthpvcsSITHjA3CFPfPizJrh1iBRWfsycnWwoWCZhsIvQ9Ew7NMbPRCGxlSV%2FvvsTyqtibU%2B4UyIYjMO0dN3%2FtR7IZ6zH\"}]}\r\ncf-ray: 9d40465b4c70e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1968,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1967)","md5":"f60b4a6a3477a15b6c0c4006e622406d","sha1":"52903e538502c20f1b9d4963f5a86007e6b79680","sha256":"7c30e8e112ab68408fd5c004a111993bbda00f5a3821108446d5d76399194cf8","sha512":"353db56b85039292e147537b1f6459435e89d1dd703016ae61743e67f912dfb38f99ac4831eb046f76900da23ce941ea8af8d18c6ae53710ad86927f7af9fc85","ssdeep":"","tlshash":"f1415f2fb01dc97cf36c0aa48294b74a98127bb8d619e0e8b6ef4a11776409d637db41","first_seen":"2026-02-24T14:23:51.298658Z","last_seen":"2026-02-26T17:03:57.793021Z","times_seen":4,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/min-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/min-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: W/\"af9830eef563b4df395870a483ce549c\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16539\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465dfd58e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36092,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36049)","md5":"af9830eef563b4df395870a483ce549c","sha1":"2c678a245c7b8984569447c9bbfe182583ef7e56","sha256":"5d919993a3fe6ec4c27ec6696b643900c02b95584a4a21a518eb8809edf12531","sha512":"16416617f0c79b40d196c1a7df699f1e01a130e3df75a4f437b4adfc04fa666ac7987d080bbfe759b849bd81860e6bab5b2af02356a8814f0dd1fa9a64b726d4","ssdeep":"384:uTTacuVZNgxYe4fbgL3w23U3xi7vxEbXR+ziLwH0Lg26/tFTiBB6TX3DYC8:yeyna+ziLwH0Lg261F2BBCX3DZ8","tlshash":"47f2bef1f4b700c8b363c122c3d5f67c6459b770ca86ce92f427666c49e16a63581abc","first_seen":"2025-05-21T12:18:34.219676Z","last_seen":"2026-06-08T12:51:50.327039Z","times_seen":43625,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-media/storage/medias/galabet10/media_751_d95c491056861c55d9808002ec3083fb.png","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_d95c491056861c55d9808002ec3083fb.png HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 2125\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 14 Dec 2023 08:21:59 GMT\r\netag: \"657abb27-84d\"\r\nexpires: Sun, 24 Feb 2036 14:53:56 GMT\r\ncf-cache-status: BYPASS\r\nage: 3253569\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=_PFhKjKL2vkZo26nq_cbHrDJTLVf7vF3AExC.IK5E_c-1772117636-1.0.1.1-aOWjF7p39Aqy1zHnCCH_GxTR11A5P8FfE0PRn5lEJJzaKj8ijQmJ51Hdu2hnu4qEMc3SiipKKHD1DbiZP1tHd.XZ4MG8uTAWOUq_cE1z.Js; path=/; expires=Thu, 26-Feb-26 15:23:56 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yhOMtTA7oDJmN%2F5nF%2BeNTLNkBy8xZ%2Bw%2B3lFNxXIsoxOWa90yYc51mcTQyDLG3xk48vJ4aXwTYy3Ls7EE5xPNPkbF8HsuJikZbLurAbFGdbvj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d40465b1c42e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2125,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"d0a6f672bc6bd2e097de029109a7577c","sha1":"228e47b53bf80adec61493761d90165771a81012","sha256":"35dc3f8b307cacbf717f898b6a669c2eb188cc425a1f356b94132ebc7e8441c2","sha512":"7a700fc3f2a2cced35def804efb78f631ae965591bca74fe55eb23a593f5cd77cdb31f9f947e8614f0ed1d67cd29c3b25797fc46d9d22f6788bedf34d84bd8a2","ssdeep":"","tlshash":"7741eaf57111586cd591a232475cbdd2589db408d035d507fea3ba2c7c3f17814c32ae","first_seen":"2025-12-24T22:39:16.220215Z","last_seen":"2026-06-06T23:43:56.132258Z","times_seen":54,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/jackpot-jNbP6Duk.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"178-HTAHDn0O0IONuuIsgcQUMPs9DUU\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8XaMsSP9YPnGf6yNGXjo1dvA84X417HKa%2FpMLa%2FTmUWe2%2BkTZQ%2F%2BZH5IOKZDGZdR1wMntQWSys%2FhDn89jvAoiRCplyL5FmpJAt6B0abDuk%2BM\"}]}\r\ncf-ray: 9d40465b3c5ae0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (375)","md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-06-07T06:35:51.65736Z","times_seen":99,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/AppSettingsButton-B9Bfk5lt.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/AppSettingsButton-B9Bfk5lt.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"181-Q3sDKsT6bx9KhAS1P7rrjvAVpyk\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JpKSKpS5zcI1CJXnfKKKmJGDSdm8uTzGW5L7WsBe7IdWRWycmRIgtsERqdOO4KRI46lOcUrh88fZha3oqwq8LorsH98P%2FOuQjE%2BdKxPD%2BwkZ\"}]}\r\ncf-ray: 9d404657bafce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"11b72d538039debad23018d55f70656a","sha1":"437b032ac4fa6f1f4a8404b53fbaeb8ef015a729","sha256":"c4f26646d48d997669963b81485af4a66a84c589c5005fa9aac7e81ce4151bd9","sha512":"a558a63166c1c05cd1f781fbe1e412559881d4e502a5768961783da4cedf90ccdb34d072f0921cc027c35bdc157f9fca17973d2e5617b1eae1ffcf1e7ec37c79","ssdeep":"","tlshash":"aae0c08b90c2d3fa03d27fd1c51fc2057e1bac78d394da4180fd90617ab4182d55e66b","first_seen":"2026-02-24T14:23:50.9912Z","last_seen":"2026-02-26T17:03:57.902053Z","times_seen":4,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_e2992c962b629258e32496488e343bb8.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_e2992c962b629258e32496488e343bb8.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18922\r\nserver: cloudflare\r\nlast-modified: Sat, 31 May 2025 11:53:11 GMT\r\npriority: u=4,i=?0\r\netag: \"683aeda7-49ea\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=anOvjlFoE2sPbuX3qmHDocbyIhTIDyDrztpwxn7nB6E-1772117637.6857245-1.0.1.1-Mw1IM60MD.x8jqkthI4Z7_zrKFXgcEa.M7gvmFT8PQ_ILnx6yOpVMWxyO226lQO1JvnzJrKDSTLNaHlgbwgUGyZb8v9Vxk.xUegTGA2pneG2K1ZTp_rT.elODNXBy7cU; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VDDjsBOKL8pW%2BdkQaovRfJ6cKQ3vBzdXpgFmW5K4rsEW1FLUxg0btwTLGoiJJ13ykGsVQjq%2Bb17Eu3OOwG4d6YpK7eR9gap3V87bO1ZPmbNq3lbskw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404663895335a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":18922,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"903c69c562a0cbbf1c19ffb312754ab9","sha1":"6b4ec5970d79a6e68c3452ed6216390060838a25","sha256":"0e4d56e0eeeba1be555347bc03ed2125cb792ae75f2ce14668b360230c341f18","sha512":"5b6ebcac994b2e1c2544a910a711bfc046d701704b371d62732b1754bafa403e5486b91eaafdae875d752b7e3122fc33e7f22a463e581b4090d2779f80ce34b8","ssdeep":"384:8Iy4zvEFK9vUhGAB466Z1W042wifdTAyYQiai1i23xB:fzvEw98Q44R1WmwifdETQiXDBB","tlshash":"2782d0a6787d1671ef46e14583b883de87210a0d9b91878d1f18a420dd3d72ecab51be","first_seen":"2025-12-24T22:39:16.347068Z","last_seen":"2026-06-06T23:43:56.135269Z","times_seen":54,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/walletConnect-CiycSUBb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/WagmiConf-DcRD12Of.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635394; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"7ce-4NL9XQUE1X1LJPUYsilS0smIp/4\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NPfyrcnxUy7xfv85%2Fd%2BGWHkfdYMayLacDp%2BF6X1wo4dn%2B3lmzIQUOWez6CBTlPFZow6FEJy3EAKivfIrbWXB%2Bdwb8q3x1nyACYqUmDRRmwIX\"}]}\r\ncf-ray: 9d4046555a44e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-06-06T21:30:11.623634Z","times_seen":1659,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-CG5gkeJb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"fdd-6imTdJiR9KzW7IF8K35UOGO9Omo\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bw2uqFqXrwvKhgP3kzzM%2F7%2BV88I42XnGeHjK7sjJURcE7WTcuwbYCnQpWAWzy6APB93nZBUYM6zYE4PrBTBJp3f3jHoyhdsrUZ1QsKTV7VWK\"}]}\r\ncf-ray: 9d40465cdd14e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4060)","md5":"c9c74fdfb9e5a74ebd6a40874d59f09e","sha1":"ea2993749891f4acd6ec817c2b7e543863bd3a6a","sha256":"bdfca645f493e6d1b5fc8fc135b986e6412413d80d764007c65aeb258abcbcdb","sha512":"75ec153ca1d34ab5fc39ed822e85ae9ad198813cf6947803d010b12a4802ace30fe5078ca669a875115285e13c4561d7d5da396c6531089ff099373746d929e3","ssdeep":"","tlshash":"c8818617e01ab3fcd8dc04a3502f910a2b7e0abdd75605e4d06e08240abc85af25db8a","first_seen":"2026-02-24T14:23:51.150408Z","last_seen":"2026-02-26T17:03:57.723683Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useJackpot-DIZu1EfL.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useJackpot-DIZu1EfL.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"529-bFoXraFaLuEIo1H06Ma3rbmpYPg\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MQbGaF92iJiTHhQ0EMaKfNcemjLfs9%2BL1l80sW%2Bcngy3Y5F1p0wdLpswrrzj6%2Fj8UEFx0X0g8td40SaJf8FIVB%2B4xkV%2Fm25n6ZX%2B3JYPCQ5H\"}]}\r\ncf-ray: 9d40465dad4be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1321,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1320)","md5":"f51e23fa741958fcc0acdce4b55fa46c","sha1":"6c5a17ada15a2ee108a351f4e8c6b7adb9a960f8","sha256":"7f255dbd2ebc95805077d7472e6cd99de2b6a488a4b6de2e3a50d6fa20a29d52","sha512":"2208a19286c5e3159732a8e30c75655fbd4bbd9fbaca53ea603e91996901533b4fefb57d23a5e7a859edacce3dfb03b856226dbdf2ac6d159600f466a254d577","ssdeep":"","tlshash":"8621264e5049e2f8f48988f20022537b7b3c3f29b590e0b094ed5d6da269d96fa30a46","first_seen":"2026-02-24T14:23:50.971725Z","last_seen":"2026-02-26T17:03:57.940737Z","times_seen":4,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/882.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/882.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1785\r\nserver: cloudflare\r\nlast-modified: Tue, 10 Aug 2021 08:31:07 GMT\r\netag: \"3fc3d010c28dd71:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Wed, 25 Mar 2026 22:23:42 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 232215\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=CWIEg28nUrItll5THQTdis3GhXOCmWkL4NbYbhuzv0g-1772117638.1597466-1.0.1.1-ZZojPEGWWQ2aKinqRglbgYWwJ2C9ms05NY2hAhLX8O2BHLgBidiqVNPaH5AX_5MievUMA.YT9NZUrL_1uplyj85Qy116IU8uMpAGeyBx7bTTadkgmQBKf8ZDPbPBB_Li; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0W2Ogvjz%2FTCGNaIfiVLKMEPIpJNilGFlcJnrLlCmldTF5Gspgnxr7I9H1npOE2wgHeLTnn8t3tfoY56UXt%2B43NrAeLo9D1dapg1RFS8fVobo3Tf4gD3T%2Fvj%2FQI4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f264c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1785,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"8b5f6433dea7312827d44a3ee44d3f13","sha1":"c1332107cdb0a3cf3ee63937f8cfdb06d67b57d9","sha256":"ec4aa3b2a968531cd3902f37aeff8ff229be8d5e064ba4d22383575f4ab2b387","sha512":"de62dddfc9e31da1d704eb6a31ecbfdbf2a186efb6552255b65ac6835ba6f4f00438391264264166de022c8f03a93c2341df0e5656d80a5212b07223e86df7bf","ssdeep":"","tlshash":"d3312b11a2ac457d9c8c0130b0fe7c07a40e85b37d3ad51caa3ec2a2cbb885ac5c1f46","first_seen":"2023-11-25T15:41:35Z","last_seen":"2026-05-22T06:52:51.82251Z","times_seen":231,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=V40Y97MK54zlkCPHBmMSpL3fazGEzSDCPTHE.re8EdI-1772117636-1.0.1.1-5c.2ds6UMEpr9e_Uk16fuR.zVOgWtPZEC1CsRZh7iklyassek4nkdhgPCncoDVBWdQrK86PiTK2Ij5GIJT1txj6XM6.xhOg9BCeytqKgURc; path=/; expires=Thu, 26-Feb-26 15:23:56 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q%2BhZc25zEwHDdusveUFHyL54HsDH6OJt%2BR%2BYCuB3nU3wrrDZBZXE0bVpphlH2HsKvUcJDMSc1hMLqWxNlZIpebh2q%2FGla92KM%2B4PElT1l%2Flj\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465b5c7de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":13437,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d967f3246d3154fb898a79aac16a3c23","sha1":"5cf3e4e950a4718d94d1b3f3e8a022b65cc0ce1d","sha256":"0e8bb39bd93d8b7955a7d79cfd34e13f4b427a762b5e5dc1ea64bd3047e8784d","sha512":"9663c677efcf1d7d1fd6edaff745be439f3f48bf457c4228d13c6152330a884b346ed8fb1335e6a766114ecbf1383c90087fc5ff256d7f668746fb01cc8ce91b","ssdeep":"384:JLLlkCKUWGttrQb03m2r1DEWCtLt75YsZZOQpaZtRRus5Cr3A/0QqiXJV7vp+doj:hhP7Wqt8AWwDbUhqsZ38dIQEw/x1ZFxl","tlshash":"4252dd23b02d9d6a5b543b40b4c3394ac99e5446dc0f9670dc498f8d92eaa2ec6e33d7","first_seen":"2026-02-26T14:54:53.784564Z","last_seen":"2026-02-26T17:03:57.913341Z","times_seen":2,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/UnavailableMarketEvent-wtkKsClH.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-wtkKsClH.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"134-UhhjmnVS/fKpCCkN/S6cRA6/3rQ\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KSgXCdBtFcGpQHvcgdJpDTmYPwvdAKJ3FID2jPdg3NelGzQ%2B6DN8sUXTlU%2BMJGxOU22HwZ7%2FGW8Jd3OORNs6YKMpfA82sJt6gKCDfdhb02NY\"}]}\r\ncf-ray: 9d40465e4d75e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"98b9533851974b6ee03f009832ec9b0e","sha1":"5218639a7552fdf2a908290dfd2e9c440ebfdeb4","sha256":"9abebbd29b2f027411a623d5b140792a129165b070e618f803c4257da6978b95","sha512":"0170e9059b93228cbb5e6b27ea363c91b851c327080a46e85a96739c2b51562f56ba0c25f7ede463ff65a12a3f5ebfc832261f11f0db5e0eeeacaeec2353dd56","ssdeep":"","tlshash":"2be0cd0aa104bbf6d5255cccce3a8f4da90307b5d7ea45d3d1f951281b34265390ee96","first_seen":"2026-02-24T14:23:51.155949Z","last_seen":"2026-02-26T17:03:57.841108Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FastTrackTracking-BNZErIta.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FastTrackTracking-BNZErIta.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"52a-ID+LSbOKIKNMAl7iu1W5dkk6c+8\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i2CU6avqaAoUX1fmhws56%2FNXkf72VERcweRpB4r0KMIIDcSuoDS18kVXgIXnnKMiQZUy8JrCCUMbpx%2FN8NvTU6gkdqNTbGzTMcBd7DiDFLf6\"}]}\r\ncf-ray: 9d404657cb0de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1322,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1321)","md5":"1861326333be5ba0826cb14fc624519d","sha1":"203f8b49b38a20a34c025ee2bb55b976493a73ef","sha256":"51bf4e13eb7ae22577f81b7802fe6f66aba230e326f393a6593af81d306e496c","sha512":"8b7e06061c38400895b375cbece5a404410a986df6ad8dab6b4625d6bee1d6de78743cf69dc89fef75ca29971ab2b267bbefcfb468156737f1cd3b6e4fac0edb","ssdeep":"","tlshash":"1721530f80d443b478804d8da3dba261993e9975711ec4e1f07a0bad3f0ca66839ac97","first_seen":"2026-02-24T14:23:50.96774Z","last_seen":"2026-02-26T17:03:57.835165Z","times_seen":4,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/logo.png?v=1767600520","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /logo.png?v=1767600520 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 8570\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"217a-COedXdhEORboW5CmiCmhOELaykc\"\r\nage: 0\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gp6p79IK22e4k4O%2FVPTfW8%2FsdYoukwlDpyNwE2HuOfZbYqsW9z%2B1se3Ymzdz7f9XO3f0kz5nFeVdI%2FshCOoVRhPvUEyDg%2FOgSDnqKpkDFS%2Bd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d4046570ac3e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":8570,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 120, 8-bit/color RGBA, non-interlaced","md5":"8616737c6157ccaeee86e2c08f0a6fe2","sha1":"08e79d5dd8443916e85b90a68829a13842daca47","sha256":"a0b66af32c291c7f13a082fca293857613e49569f277c2d3c68d4184913a73b8","sha512":"14636bb931948ca1b8aff3dd5fcce311e595051e41240e890fcf3a0e5d507820db5670e963489c66354aac07429f979979a67b5947b9654b5303436c69eeaccd","ssdeep":"192:ymSFGYb774y9Lkxe2vjdIfKp/xJIXq2g5qPG8fxtnQzro:yJAYX74y9Ax3rdVvIXqBYZtQPo","tlshash":"6a029d321ea92eb0ddb332d52928f20f72cf010f16572136e41457a7cb1dea89c8b667","first_seen":"2026-02-24T14:23:51.197117Z","last_seen":"2026-05-04T13:54:35.270172Z","times_seen":6,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/GamesOfTheWeek.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/GamesOfTheWeek.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=1UHbaRDAZCe1KIhBmwodFB8rcxnQGMQTtuCSzBFFH.Y-1772117635.7943602-1.0.1.1-2InvXSo2QbwsOekpwyXSe0zxyHDpSQR2xTjrN2HGQnmXAH_d8xA1_nupYyPXGtSZ6ng0uUoHNFC1VWtQv94CwdKZ0VjhjZ8Y.ZSEHvFA2vBWA3g1nPJxPqT76JkdMFNr; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YjNqhDGMdTMBAduSMXAD8DEERjZYPyMOWbAJOpeqI1pqtVNpH2d1wzXDgfRz4uFnwQldq96RQXjCijyEz6gMQza7TJ299LldaXFEcgl%2BDGSbTQdHEQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627086-be0\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657baa14c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3040,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"bd48bcac13b7af9a43338fa39450069c","sha1":"b39e0dce82eec16651566913e7d8a1ae26ee25d8","sha256":"e67476d135f1d3e566d62c017b8a4afa7b3013dc29540a85de3c9f071a11812a","sha512":"39c26cb74b8bea9fd071edc07b5fe1ef144747ebd23593b409aeb8f0e6894daf00a946805f222e2dca66dae48baa4adab0196a4ef71720fd109aeba8f11e1026","ssdeep":"","tlshash":"6951b0d8c5254afa1bcc335e6322542b0cc92fd6f7a35cd8b27c85985b13d062a7e883","first_seen":"2026-02-24T14:23:51.265611Z","last_seen":"2026-05-19T18:11:41.282935Z","times_seen":52,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":60,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/seo/page?platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/seo/page?platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=60B6DC.Ldh2ZdJvMYEVeQCQuOck2lCVbT6v37O_H8Vc-1772117638-1.0.1.1-K79N_dvpGQ6cuJprmPPJsqFodwUmSPyIPjRq5fqhyPZll3jdqrm_y1JeLi8dVJmRC8AXPp9nus4avv9LKrA9ABJA8.b_AgNT0svefdJQDgs; path=/; expires=Thu, 26-Feb-26 15:23:58 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kgIfbW3xHbr2yfREkc7KpHL0jAzxbdQGzj4KeNt37bfZwVDJ7V6ulu9GDfEaxBCyRyGIylQqyyfY2T%2BRRU7ef%2FrPpptyGFM%2Br6nAVDnXJWMl\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046578ae2e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":7671,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0c3cb355e0745f8d403e214af1595e2e","sha1":"ed786d0ae61ad6adce28150c04a932c4e9bcd6da","sha256":"2b7c48aafa192476fcb639519893f40c28c1de98bd5e66b84769edc55b047be2","sha512":"1c1840626aba24469d43e66cef0893e9627c25afee6ab6a955e6cebf21946e2cf3514c9587cae3c5815a3b7b5ceabdb18cde0fc4b6d5cc52e798e14c7c456b62","ssdeep":"96:E2K/6TXWpoS1kKXplSunUVtRQl8bqOHEyj7fuSE3Ytvkeu5Jbrt:E1yTXENDplfnUtQyDjJE3ovy7bJ","tlshash":"76f10f0e37962d9f038a5fca29564d3c4fd55386fe41a91c8d63ce1e2bcd278d22ae01","first_seen":"2025-12-24T22:39:16.082152Z","last_seen":"2026-06-03T04:20:31.887932Z","times_seen":73,"resource_available":false,"data":null}},"time_used":2578,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":2576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DataspotTracking-BGnsxVvd.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/DataspotTracking-BGnsxVvd.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635790; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1f60-o/BUZZv5OqLTw2M0TJ02rvoKaWU\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2%2BkDQqqWGyaRnoNb5lC4GZ%2B%2BlmP5V8ogCqY0U7AwgnOTmCNy5OmVB6FVbcNTv209JFQaF%2Bqea0XSbJGzk3%2FEIe2mJjZkhjgVWb9yumlRAAvG\"}]}\r\ncf-ray: 9d4046591b72e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":8032,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8031)","md5":"6eb0adb294d6e0b4be4655a714d18cf8","sha1":"a3f054659bf93aa2d3c363344c9d36aefa0a6965","sha256":"1903da0a3931978e3bf11cd481394054ee369eac77e1e9eb33dec25253c83ca9","sha512":"a704e987bddeddbfcf41a894099cab890cbc9b2499a6ba6e06f649e1f716331a64145953bc618d0da4f392ad06eb946e6679642593b509023ed2cdac75826b11","ssdeep":"192:a5xZqJXykg/uKb0n5OnB7tv1/3iYtWSsftQUs3:uZUXykg/b7ZFSXSsfDs3","tlshash":"2cf10355741e78bca033c6ac0d47616218387051e6329de476a6cf5aae3d8c28bf77cb","first_seen":"2026-02-24T14:23:50.919041Z","last_seen":"2026-02-26T17:03:57.92747Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 02:49:52 GMT","end":"Sat, 25 Apr 2026 03:49:32 GMT"},"fingerprint":{"sha1":"AC:2D:A6:7A:37:80:2E:24:CB:68:71:7C:86:FC:30:1E:1E:D5:AC:5F","sha256":"BD:5F:72:18:CF:A9:84:64:5F:E2:CB:09:75:97:03:8D:AC:00:57:4C:64:66:E8:35:8B:BE:B8:14:A0:84:32:AF"}}},"request":{"raw":"GET /loader/fasttrack-crm.js HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 11 Feb 2026 13:55:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: X9ovE_PVlm7QTMnZs7pgGdxk3XrTsm57\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YPEy0KR%2BhVSp8KlI0ouTRjHh1oB9XAo39qUK53%2F0KhRfkMEtwkHk%2Ba1gt6Y1KVSdB6hFRNhxOu%2F3igR8IZQViuE9LCsOuQXaT0jrVOmmVibqfM%2FZXTQPjApm3p%2BQOw%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 08dc547306e2c7102196b53ce0859e80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA60-P11\r\nx-amz-cf-id: PCb-9sRNJT74zT35kcMuKkglZxwv8SnnaMgOpIrfLpaxlO-FT6gqdA==\r\nage: 3238\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"0e62b669f80928b5dac9ece193256095\"\r\ncontent-encoding: br\r\ncf-ray: 9d404660c8461f50-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6791,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"0e62b669f80928b5dac9ece193256095","sha1":"a04e0c32df6e15dd5621258cdab16ca08361d27a","sha256":"cd306f0e4ea334dc0a9ab35e3e6c3c73a34876b8d8be27330916196042a1437d","sha512":"930f28be027cbe059bedfe820c6920d8668380c8aef844a15c140de8e907d2be6c5eb38470f0809709bf8d2d0cffd411c61a92a1fb1592503d59e24ff8350cc0","ssdeep":"192:/XKuPlMK5EbbbCUuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8nbxDt4atx5Ye4ymr//A","tlshash":"e5e10e5c29f394610a93351f033be125f3b6e533221eec41b9dc8968af54667caa7d88","first_seen":"2026-02-12T21:09:52.600201Z","last_seen":"2026-04-14T09:08:05.84184Z","times_seen":66,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":39,"dns":7,"connect":10,"send":0,"wait":24,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Sports.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Sports.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 03 Jul 2025 10:12:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=f7TUcRAcFpzVAdy0jkvTzm9..NgfE8k9OW3OJiNNh90-1772117635.8127253-1.0.1.1-2eFDBphUZ2cbDMDZ.ZK9b.DBwVyNlRvIfGyxpKWKC4sP.i0vPjCcezBsVB70JsLoHPANPImxYCMBEkvClv_MsK1oIzusPpwtgbiRxTXBLcj5miTBKaD9hsLrMk4V8lIY; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XNJV3hk2ZSPvgG6LtmfeBepsNvhZyA7Rksjb83ST9zFQbRJH7drOKNljCru7oa%2FEq7ecPZyLvHxS1n5z96dWb0kTISAy%2Fy4KkY59%2F5R8%2BPhuK9DgOw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686657a7-82e\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657db324c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2094,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e98bc5be7f5882a72abf78d11dda926a","sha1":"d835544d895a4817c210e575a6a99e08c1e2f095","sha256":"bc7880489b92bad21b9475577a93515e928dbc3fe62bf09e014e973e124ed223","sha512":"966b29438ae513d771a33e04b1f0566a70d205ee6698d6b2c7f1b00c7e263311652d392fc3f4251256866bbc2b0abf0dfa35698aaef8bc160847938a33a8a184","ssdeep":"","tlshash":"3d410018c3b983facc45823c5035a5b83a4e10ffa8a0f3b4996e95a47a420dc95cd6ed","first_seen":"2025-10-24T05:32:28.392126Z","last_seen":"2026-05-17T19:23:31.955994Z","times_seen":54,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":98,"dns":23,"connect":3,"send":0,"wait":75,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-media/storage/medias/galabet10/media_751_d9ae3c894307358d99e0d666e91a8018.png","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_d9ae3c894307358d99e0d666e91a8018.png HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 3192\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 23 Aug 2023 05:40:31 GMT\r\netag: \"64e59bcf-c78\"\r\nexpires: Sun, 24 Feb 2036 14:53:56 GMT\r\naccept-ranges: bytes\r\nage: 767907\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=4BW1evPuOvLot4dc011.mBjnAAW9zvj2l3o0b51WxY0-1772117636-1.0.1.1-Mjnr4lY5YVj.fpJaBkniHiYMYS9yK0MDdhl4kbHUuIDTmpepS.fhhihYELiUd5LkZS17sUGpVTdWFc39dR4tZD7GAmQ00PPvOxp8s8Dp2qU; path=/; expires=Thu, 26-Feb-26 15:23:56 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0PDwLuUp2DS9qK%2BLxgV9sQ73jWpuF2T56JjSDIyucBZlj4X2VHnG9i2z%2Bewf%2B%2BEIzbafMzKZI9%2FXdXz%2Bvif6gwRZIGuv6m2TbN5KZyelxmXN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d40465b1c3ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":3192,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"7abcec36faa73c3c894b361fd966fcf6","sha1":"46f3c98f019e59da6263dc8278edd18eeb5e36eb","sha256":"1084b9e09a8774b738e99814bf9869be91b3c154d88bde64c9eac5e399153b19","sha512":"bbe0c85875f870eafc2ecc05b3c21d5a8c0022f1fe92224e65d3fb3f11d68f5793947b810d00c612361e96bd113a510f2329aab9437de415f5be3e1551800cb0","ssdeep":"","tlshash":"ca616df43548b234e081f076129690e50436be4e219eee17b597737cbf2515cd0c7149","first_seen":"2025-12-24T22:39:16.116509Z","last_seen":"2026-06-06T23:43:56.103943Z","times_seen":54,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-6289ff8e.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"79b4aa69d45c4b43f0b31fd971b1bbdd\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16689\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c7be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106023,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"79b4aa69d45c4b43f0b31fd971b1bbdd","sha1":"77122463966366aaa969b55f404af7903b9d8f86","sha256":"34b9a3ffbb7a87b04fe51abdb665588b82d1e5fba4cad27b6d6518228d20c2b5","sha512":"6bc666c4e89838ba9d62ccba15b642154cb69eb86ac22585e64e11eb0bca2ebc710c3c5cf8993a99aa85035e1ae44d566601f6b7649e7d92fa3d72a2f53f252f","ssdeep":"1536:BigMTWFu196wufn32jGDdgaOFUWbaGlDluK1MFY7dZPkx3u4V5pfYMrlSf:4nmuTilGhmPx3u4V5pPrlSf","tlshash":"36a3096ef091b47d8993d26120af3212f3363d55a919d0a8f234cdf859d89c9a127f3e","first_seen":"2026-02-19T03:13:10.618029Z","last_seen":"2026-04-15T01:21:42.737131Z","times_seen":8426,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/usePriceChange-CQ4NeD1O.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/usePriceChange-CQ4NeD1O.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1d6-c3O9yJeUB7EHs/ybuJ1hO+/mdzE\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LnqiNX74VOFqzQ3mQo7Sftj%2F8d43Dp%2FK8Z3Ik%2FCMMf8wLg4jyStd0R7ewWuXe2NOgv6NF4GXdOd4O7Om%2FizwwQiR1zI8Z8n97nV0CZAbhlO9\"}]}\r\ncf-ray: 9d40465e4d73e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"d734f3ff02b9a46256efc81b7db6485c","sha1":"7373bdc8979407b107b3fc9bb89d613befe67731","sha256":"fcd3434c3c2ba621778d372f19f8aaf5cb131adcac607bbcd2a765cda41ff091","sha512":"321e139a46f487a92e3a04e3f4ae7c7966058360ab75507b71e10bb3cb651faf57d4e0ea49bceb28278346ac20cc9186839cf7fc1909527b910069f62b40f8ea","ssdeep":"","tlshash":"9df05cbe54901823945f0cc8c26486571fd126d56bbdc31eb230c82d375c9af0a6ee66","first_seen":"2026-02-24T14:23:50.894874Z","last_seen":"2026-02-26T17:03:57.782605Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/490.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/490.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1163\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 06:56:32 GMT\r\netag: \"95aef59256dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Thu, 26 Mar 2026 08:44:04 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 194993\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=HjDexTn8YpcVmqql93mzHg9gG_xWZbc54ZLFyztgb8U-1772117638.167803-1.0.1.1-ewMMXL9sj8COI3VIXKY49PYlH2v7KY_nzaXqIqTS_OjN44CuAvG5hOEV9GZ_bfz4Ztv828_v4D04EdtQfUdeycSNTsvY5ux7uBNSYRoxFZDBO3pVNKPEU1VNPko470Zk; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nFGPvNcN30xxG2Y%2FTJ55t6eRjBd6x7DN5yTiUhr6yEL5g9v4i6LJF%2FqbMJAK%2BM%2Fdg2Dvd0Y4HrRAa8mOqilS8FuAzfLzufJpiEXI8YAU4uVReOm6GOzp8VW%2BCzU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046668f694c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1163,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"06509debe60aa81dfffbf004e08c7a6b","sha1":"50b88812052789ae8adefb196dce6cda6923e3e9","sha256":"4359d78708cb50dc84cdb0775b96308e45f49e6b84a41269246af6502514c70a","sha512":"0e29dbbeabf9c8484eb1233149585d6d41c3ad6d9144dc83f3a8d239e8b5f85208c12cf5e073158e3ed7bd59e0722a64acbdbc3a1c967ef9dab4ff27162b8ccd","ssdeep":"","tlshash":"1521c69baca1f19a48ad702e35701173432c22dda9e1649fdcf9e8342f6c7220869288","first_seen":"2023-05-28T18:20:13Z","last_seen":"2026-05-23T15:21:21.730877Z","times_seen":352,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-nSKS2CxE.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-nSKS2CxE.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/WagmiConf-DcRD12Of.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635394; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"35fd8-2G7tdjadMtACtmpJfgrzIcNerEE\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ua90Efn5WUR5ncOKaMxYfQS4KoyogEjdWA9jDsDcqxAhoUJhbE4H9HteepXEEyKzMrtHqOhYUb37loJobWficeC8NSJxb2nXCVelmfnGfZ3o\"}]}\r\ncf-ray: 9d4046555a40e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"37c4c49a4145406837780bbb7247a394","sha1":"d86eed76369d32d002b66a497e0af321c35eac41","sha256":"b6c086f2a21e2899b76a9393b869eb8a6703f59eeda23f3d5fd5971673288ea0","sha512":"b9f970a925bd992a373a452ffef7869ebfac3e8770a1587c932a88435d4c2131e18236af156b0aedd5da7a9cb77ea64b0397d783b5898b2efbdea01f249858c4","ssdeep":"6144:YfeL9y0h4R78o8e4YQIALoh6wj9Sd51jjVvFahIRcDGRD6On:YmJy0h4R78o8e4YN/j9e5xahIFROQ","tlshash":"23240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-02-24T14:23:51.32626Z","last_seen":"2026-02-26T17:03:57.796635Z","times_seen":4,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/LiveChatAdviser-0F1bzkHq.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/LiveChatAdviser-0F1bzkHq.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"35e-7GwevgJv9yp7FYj/CKxayyfzVgk\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2p1Hve1AyWaeBvQ7Ejt28LkH%2FkDrjWD4SNqNLsesECkfgI%2Bvtvy0VlXPZuSe%2Bwo%2FEOb%2BSMbnT6ge5voLRZBbizvq4ffs6I9ZVr%2Fl7pVB7VZ%2B\"}]}\r\ncf-ray: 9d404657db1fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"ac763154c645295c6b3cd9919c57569a","sha1":"ec6c1ebe026ff72a7b1588ff08ac5acb27f35609","sha256":"c7bab1e70362eaef1eda0b1acecc8ad6cfc72706f66f8ef2189f406be6cde7aa","sha512":"7378011e2960c6cbd8d4b05aebfd3ef1d71a399eb5bffb8b8693169d96d3af88bc41ceef1f5dda4e8effcd4c46c5e8a2d8face17a9a2bf31d5a3dd2f48a425e8","ssdeep":"","tlshash":"f211ef96f082e3fd66a7184dd69a6047600a4ea4d27d0db6807b15641a6ce0ae20eed4","first_seen":"2026-02-24T14:23:51.27206Z","last_seen":"2026-02-26T17:03:57.833077Z","times_seen":4,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d0d2b7c.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"ecc9e5cf090bf5602a01763e2895acad\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16496\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c74e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10938,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10938), with no line terminators","md5":"ecc9e5cf090bf5602a01763e2895acad","sha1":"1d07eaeecb0a31f0d95363694e803282518f81a3","sha256":"1cb6c04d780fb838f64fe8bad72bbc16ff24e2466f9ba3123471321f8342cc0a","sha512":"9ace38dcdfd09222ce1f2536d8e4acc781b0055d6ae35486922b86baa540befc98bd9a5bc67bb00b0ef09b9da16ec97b1fe3b2b676b1403cde8eb2c13981870b","ssdeep":"192:0CFny7CpmxwbZlR1cwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mChZlRNr40v0GF/LvV4hwsR","tlshash":"073295b7e0a1107ea316871c506fa610f61f6c8ab2161da6b67ab46f900ddcfc065f7c","first_seen":"2025-11-28T06:07:28.918411Z","last_seen":"2026-05-27T07:42:34.869974Z","times_seen":26442,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-3ea2c7ce.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"52698c6dc96b5f2bd13e8f921334e398\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16591\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c79e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5504,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5496), with no line terminators","md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-06-08T12:51:50.363804Z","times_seen":36086,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/casino/getGames?partner_id=751\u0026lang=tur\u0026is_mobile=0\u0026country=NO\u0026category=406\u0026limit=5","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/casino/getGames?partner_id=751\u0026lang=tur\u0026is_mobile=0\u0026country=NO\u0026category=406\u0026limit=5 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=IPjlIPCwv6x2Y9Q.vEZ62tee241wuTi42eyzhFbm8h8-1772117639-1.0.1.1-nZxrKLEAvCRSnh24hq.0MaNWPMZ8Sr8958DHoP16eMUR4hjqkCAwIP0OQsMWr1FGeqhbhRk3QZlowl_XGHOEfsSgRjPhQw8CFnVh_MN3Zyw; path=/; expires=Thu, 26-Feb-26 15:23:59 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T2bU1KfDCJSnU8hYcBJvDly3O2KPv%2FG6%2FGSv9cfiohRfPOjtNZr%2FFxICLhLLRdye8g3wwBfJEubuYMSJ61XcteOZDagly4c9L4MhujkY6dK2\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465b6c81e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":7623,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"eac82fe4cb5159d3a5e1bf83cb2ea99e","sha1":"2e7589bc43b3dd61ab23ea709582415b70372624","sha256":"4b6b9806a44236b60e9bd0b65c69131e791435352d6da031a41c5348628c9f5e","sha512":"423a256833cdcca61c3e49d2d188113769a37acb9718a02f3d0ed1a41f5883eb457a8e6c0da5e6d94005f0fe2ee8cb12bfab2fdc9428af85a27faf5add89cfe8","ssdeep":"192:I7V5Y9ae9dlld5YEbOBaOUODv5YgXIXe0d5Y5GZR07zx9d5YYsYzNUpYSNX8NQx:O5qd5E5w5Sd5XTDu","tlshash":"82f141265f18fbe67f5a18a118523c4ed8fc1b939419ad848dbed4f902e11c207f26db","first_seen":"2026-02-26T14:54:53.800034Z","last_seen":"2026-02-26T17:03:57.816437Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2790,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2790,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=njSSaxYz.BDJ8SueR6z6R6MuQBBae.6PWTxhLl3.k1s-1772117637-1.0.1.1-KgJUI7aHlPk88GpguA73QPNyNwiwVl5YNOnfBRlAghqvnmipU2qPJNj3EHSuA92Fe1uQQtD7R0z8R_VW8kkJ0XNbCsdokNk6i8AC_y_e32U; path=/; expires=Thu, 26-Feb-26 15:23:57 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vTobBD3kvZnmLauzJlfn74cdQUDDQz85J9lC2dF5Q6ghb60P7uch1lWl0f4jD2YM3k3V2RugpyNy0tANUbWEOXFLjg%2Bj5qBUxDGPcBxjGnVk\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046607e16e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":442,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2f5749aa93793b57aa7da13ed52644c6","sha1":"6721d50b9295c2c3a9e2029e164b9fd28ceb1f48","sha256":"400b442cba911ac00dbf49e857b1af3d6b982b91e87786fa9dc1e716d03cf090","sha512":"2c11ff58052863a81c4dc1436ae3bb47bda757e48aaaa4b66a7748ee58dde1bb975a78158fa8928ec2e8d7b11ed4ebed752453104ad6863fa95f6effda2a1322","ssdeep":"","tlshash":"b0f0dc36972ec92067504290c04f343a185e028dde01ee6cd9adc77044e8379a1220aa","first_seen":"2026-02-26T14:54:53.801108Z","last_seen":"2026-02-26T17:03:57.941631Z","times_seen":2,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/6714/contents?use_webp=1\u0026platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/6714/contents?use_webp=1\u0026platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=E7aW39dKiQYXh6VWF.pPgLvftnWEPGtZV9XDZFV9lGY-1772117637-1.0.1.1-xFiQwUqGEkmNPjLXByYgTuLS0Smpzb9QH2oksMCW35pd8zH6le4Y_eP9hcXIIhhdJd7s97EDWir5EEhqwIDKYui8N.aoKpMwkm2kdF4nOaQ; path=/; expires=Thu, 26-Feb-26 15:23:57 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c0410PHRqFBsglR1UXYxla4XnrMHSOl4hodi0om5MlTFrTrSyHX7Vd44jmEy%2B05kBXnYZYFb7YczEiaykNclKiDZbjr6ZFV6W6H6TmxSudRt\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046608e19e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2222,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ce3902f4bd7f8f07ef19311509e56859","sha1":"4f8dac69410d4feb2f28963976a11de31833bd47","sha256":"e95f8590f1b24eb82a9bcd46e69bae80f375da5a9d273d5111fb19ec40fce0ff","sha512":"ec76ed398930c6fdeee5bf27adfa17c668ef4d344e8ceb01367f6f2251bc83502c04f7cc4d2cac53b3ffe176e1c0b850a266fc233aff454e7c5ec42b1480d1a7","ssdeep":"","tlshash":"c7415933b02c98a65b443b40b4c7394a94dd54c7dc0b8570dc899f8d86eb6298ad32d7","first_seen":"2026-02-24T14:23:51.361484Z","last_seen":"2026-05-14T23:49:57.392496Z","times_seen":49,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/450.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/450.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1537\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 06:26:22 GMT\r\netag: \"ff29cbd2206dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 14:11:25 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 88952\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=HKyr5DhIfqmaxYnKDf5hLqt6sgjpc.i8mbiX3E41Co8-1772117638.1351297-1.0.1.1-kyAPUOASsf91S24NPkMQMnxFOYAFDqm3mm69dKYeJ67bqoousGoZsGyJM75ULdlxPpgRLJHXs5x4.PbYbgSDwEBDu.KXa.217gQDGast8JXLqvtosXZzyGyFrfg1J0eU; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CD7Hydp%2FHPXzC4G6ZQhA7A%2FcBFLDhzdBTa6h0KtKhRm%2F8VTfxPDtq%2FNzO0E%2BH3Pw%2BYwfseQ%2BjW4OW3AHTznHd9OeE%2Fu4l5D9rQD8R23PVrH0e1n70mPxCLkVZXA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046665e1c4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"c621e52d6b711ec345a8eaccf9912212","sha1":"5cdd33fa5427446f27ae2d5d99de4ed458f4ffbe","sha256":"0181a3b87cffe7f19d7eceefd667a310ee356a09f39d0fb9aee47c228ac636cf","sha512":"8c3cbad9100e6b7131f61eb01f25e1c04f46708174e93c0cdf338f71645db838366a6d79d5840f5ef3807384743ac13d3a7bac0fe9b7502c7cca0e3be504c740","ssdeep":"","tlshash":"ec31e7b47781822dccef10a195de2254c4a1a0eabce03fae1f10822012658c93f75ba6","first_seen":"2023-09-23T15:54:58Z","last_seen":"2026-05-16T13:14:11.637502Z","times_seen":172,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-Dm17uEDJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-Dm17uEDJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1156fc-+74wfoU1f4QE4lVbKJb4qsfr6qA\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=azwoAmNbeoEP4T4Y4dgrccFTOCV6LqSiQ073ClOra%2F%2BUig0kp1XGxdQrNjaElnHTUIUFhtd7bqPDixwf89zs41EPKWyZIEoUeLuDq5QeSF1i\"}]}\r\ncf-ray: 9d40464a2f20e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1136380,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (25434)","md5":"eb4a698ba61c4ff2df2974c97abe3b1b","sha1":"f40e44d2650a76c10193192f52a1c267feac00fe","sha256":"17b6aa3f2fa1da41ab1b6e4109948b3b06108da0a0fc2023fd1a7d9e78d9921a","sha512":"66f305287de07cee80f919b5fcccc13b07946c4c61151e24279ea2fcfb5d41b52efa07037720b7040e5f4d5d73b3f26d66f7bf05b08465620c1812e877c2193e","ssdeep":"24576:cWVkHIx9sL4CFLHodjJhtBPZ2d0gPGYZYqjmsKmZiKif3ikAXEt70VDbyzWiQnux:VVkHIx9sL4CFLHcjJhtBPZ2dPPGYFjmH","tlshash":"73257d85b059b97997b709e560af1101b1391e04f44dc860f17cedae29bd808a2bbffd","first_seen":"2026-02-24T14:23:51.186995Z","last_seen":"2026-02-26T17:03:57.854645Z","times_seen":4,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":189,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/BetslipButton-tfWg31Ws.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/BetslipButton-tfWg31Ws.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1a2-qYBBr8bkBbH+tRTUJEF4e263Fvc\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=07%2B3MeqlsETjzmx9UsV3bYhRK%2BxyYZSmAJ1iLeB2T0D7vm7bPf0KcY8x9CKlkeetW8E1pVGVvB3l6q0MFJI4YhpGLfB5g%2BT1jO1RG545J9oE\"}]}\r\ncf-ray: 9d404657cb03e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"3eac9758e461b39157cba1601935dac2","sha1":"a98041afc6e405b1feb514d42441787b6eb716f7","sha256":"c93e12cd7a9021b060876cbe4384088c2c2183d1617cffb509a17dd883f51d04","sha512":"a91e554873ed7ff7c4ae676e2fb3fd11f331d987f097d1b82f7ce55e45d95b1e99c534efee805ee87f54a34d314b8158c9c96f8887d987a4df027f9fa1c89d1b","ssdeep":"","tlshash":"16e0ab478888c2fe07425e82110682123c2795bca250e69180ae6c657e38646c81e52f","first_seen":"2026-02-24T14:23:51.354145Z","last_seen":"2026-02-26T17:03:57.763051Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GameSuggestedEventsWidget-C1YjPNkk.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-C1YjPNkk.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"e8e-Os1anBER2O3YZQKJmZxNEEaJ5jM\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pIHwfl14hINAQdiRjb0Vf8qPV0LCmcmTFH6%2Bkm7U8GhjX0R3u%2BMqA8nxVufGTr4AwCqA27lIGKsFoWSBTwD26972L79dqvaSK4tKkdGgHmra\"}]}\r\ncf-ray: 9d404657cb07e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3726,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3725)","md5":"43787a45f5cfe74078cbc565e4521f6d","sha1":"3acd5a9c1111d8edd8650289999c4d104689e633","sha256":"cd5da6dea240ba73bfe9cc022b7d9453583f2101b409e94833a3aae12cec1a1f","sha512":"090bda22324787190a13f5acbea2eceaad19784af2d260ac172a2927898e787ecdfacf87d12a74f6ab5fbf3b8b2cd2e18a9d8c970aec4dba4dbd4c7e5eb443aa","ssdeep":"","tlshash":"7071e74ae010aa39a13740d82bef3219153632b4b94353c1b63fca7123f55926b5bbdf","first_seen":"2026-02-24T14:23:51.248389Z","last_seen":"2026-02-26T17:03:57.756743Z","times_seen":4,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/fonts/default/RobotoBold.woff2?v=63","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /fonts/default/RobotoBold.woff2?v=63 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index.BJU6hB4z.css\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635790; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 62032\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"f250-sdZeMF6FDN01JzT3hCzd/TDwjQs\"\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dJj44Gr0Ur0Z%2B%2BBtdmMUn10pXmtXkt4k%2FHhFIegsvVZr0Ef06ryR28VguwP6qJJKzs5X5AnTnfMwNBeu2TXsCD3Ikrf1iGUGx0DoIq0PF18M\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d4046584b3be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":62032,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 62032, version 1.0","md5":"5c3f2196f147bbbc3583de1008be7538","sha1":"b1d65e305e850cdd352734f7842cddfd30f08d0b","sha256":"c6213e789895a427306e62a03b1a96ac884f58957b4f14e27f8e4361e32bf382","sha512":"a0a556d7d670c7197f1daf9cc7d84b3872cbaa92f916bd092c3831d3936362ddde3e837e4330895a5d53f0783b761ded7d00d126a0a04feaea84d01d12e62f1d","ssdeep":"1536:+07i808sgDXsqfywKCgqTwnXO09CU+O2G48I5lkEGN2iBYF5cftfplD+2U:+epsGXZfeCgZXd9hAGtI56ZiF523+2U","tlshash":"2f53023e9427274226b1dcca96ece2ee16c278fb700119ddb41075ee9f32f814c83a56","first_seen":"2023-05-07T18:24:32Z","last_seen":"2026-06-06T23:43:56.086284Z","times_seen":2662,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/LiveChatAdviser-0F1bzkHq.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/LiveChatAdviser-0F1bzkHq.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"35e-7GwevgJv9yp7FYj/CKxayyfzVgk\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UGWEOxGnIMhjK4%2ByEFdLQfLN2wsMjdQUMjWkaBOr8B9xL8jOWDeW4mxOyVpzcDcZU2tkko8tiO1rUk5tv0UQUzx7VAjj9qgXm6oC6n5zoboi\"}]}\r\ncf-ray: 9d404657bafae0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"ac763154c645295c6b3cd9919c57569a","sha1":"ec6c1ebe026ff72a7b1588ff08ac5acb27f35609","sha256":"c7bab1e70362eaef1eda0b1acecc8ad6cfc72706f66f8ef2189f406be6cde7aa","sha512":"7378011e2960c6cbd8d4b05aebfd3ef1d71a399eb5bffb8b8693169d96d3af88bc41ceef1f5dda4e8effcd4c46c5e8a2d8face17a9a2bf31d5a3dd2f48a425e8","ssdeep":"","tlshash":"f211ef96f082e3fd66a7184dd69a6047600a4ea4d27d0db6807b15641a6ce0ae20eed4","first_seen":"2026-02-24T14:23:51.27206Z","last_seen":"2026-02-26T17:03:57.833077Z","times_seen":4,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/StatisticsOnHoverContainer-BsM17Aei.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/StatisticsOnHoverContainer-BsM17Aei.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"2634-kJ8cyfq5G3rtB1P1MhiAbrW+NLQ\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tarPooXYUJV4nC2EnYfon3S7zNiurS60MmPQ%2B2OmBn2H8wH0EMJsbCi3EAoEYWmJB4mWCPYipSVgCEIVNt4rx5TPTgM5Jk0sjmiIa%2FMm6EyP\"}]}\r\ncf-ray: 9d404657db1ae0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9780,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (9539)","md5":"49787840fdb8d4df9761ec97f3432d15","sha1":"909f1cc9fab91b7aed0753f53218806eb5be34b4","sha256":"ad4dd40765aa61a8a852c0607b3c0bd802989ee4b7f3e686e8ede8adb6324907","sha512":"50cd1ee26d9cf314e8da57339139d5e00840fb7583f3dc1012b0e1ce38c787ecbbdf490fa8aaa6d3dfc693cf1fac77ce8940a95e394900b379e4e1183409c9c4","ssdeep":"192:sn2zkXAsarXDxLwxGEE0D9AOgzm6j/e0R:sBParTxLwxGEphAdzm6j2q","tlshash":"1512626c118e5f69f41a8240b5202e39bb3a7877958d66f87ebc441fd3ce444bb9cb18","first_seen":"2026-02-24T14:23:51.34682Z","last_seen":"2026-02-26T17:03:57.950488Z","times_seen":4,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_255218c8ce749fe8c9dfbc0b8e8ed1ce.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_255218c8ce749fe8c9dfbc0b8e8ed1ce.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18246\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:46:00 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbef08-4746\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=bBRsTyBPHw1pno4iyPoAXEH4gUtcIz2U0h68sW.nJNQ-1772117637.685642-1.0.1.1-P4lluPsaNnhiQDcaVrIilH19dKyE2XKxy2M1CLZ.cxqaSwspcgeQT3lCOjDqUcusPl8__hDT92fRWtBDGFPeQxUEkXYcR5OG3KNHbjPYrZ3EJf7suHASW3uIAPJ40wYe; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WyVlQFx597yZSV%2BBgXCZnPXAxSl%2BXQucNLlkvLJTpBs1QBspGyLKcpV7jUebhUFxYJYfcTDD9pWtdFhHkLzw2Jou03bcj%2FsZVGR8d328qAKHVZiGOA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404663895135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":18246,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"64a87f03ae635843aa9ddf8b795ef059","sha1":"820acaed7c185030663567efd9b9b0d820c10b2e","sha256":"eb987fab4dbb8a68ec1dac3374ab8d34c1d24e192526bfa17f415a67957094e3","sha512":"881a3d458f5189ed68310367aa0b7c4e4e51df4bb58d942b9f7c3e06a66010f735b9b0161f80028adb1c92cfc2e3df3b4760e69b0df6d84850877c60c7307373","ssdeep":"384:MTMTJfN/dyUK351WMwsPAv4eN/lz2T6zfdhXeVZA4BWDYWTsVfAEsTTQ:9Tj/NTFAeN/RG6zlIVZAkWDYWwVzgU","tlshash":"c682d037039a424351b7142fccaa7d52a4d0097b8a2be67a0d5903a54a3f7398bdf67c","first_seen":"2025-12-24T22:39:16.361229Z","last_seen":"2026-06-06T23:43:56.114134Z","times_seen":55,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_2fbcd393de6e2087aa59ff73668d3cfd.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:07.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_2fbcd393de6e2087aa59ff73668d3cfd.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:54:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36902\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 12:54:53 GMT\r\npriority: u=4,i=?0\r\netag: \"68fa259d-9026\"\r\nexpires: Thu, 05 Mar 2026 14:54:07 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=tch3f48Ik.IsQw0cE6uj5heG5BzNbOSRT6FzelviE6U-1772117647.857613-1.0.1.1-Ufw7Zt09n_5OAVYIqUmrmr_fK6ZGGtTwY8p3sja.ZNpD4AnjH.QG8uU6vJcZn5DA8TrSJt1VnTOuulFrsblhc_nrhTDqK2FJ44JaNAzbhhDcS9hEGuQyjvp.JR.Eu98i; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:24:07 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HcTm88OfvG%2B2nRLK4hBIV0BPyLdLwBlIB7%2B8O2EFc4S4VvT87Y3TrNr60b6LoKEdAyQhxdi3OqLMGYJm85uAiXJ0Fa4Uorf5UYhr7Ppg01BHPUivYw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046a3180e35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":36902,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9178dce074f6f5da14aa962d2d1eff1d","sha1":"afd5dedc4d9b6db21ec314a88ccf8ffdb4a7e358","sha256":"952f7cb545a4d304de18f0b58657973281cf89598d682dcca9fed33c513ce9b6","sha512":"30721d72dc204df72ad17431c1731cdc5e2f16d3d5406c3799e64872fabc9891c2028086ef9d7628b75a26fb15f839b822ea83f5fdf76b6200d7127c88bd9de6","ssdeep":"768:llaVUjckpH6fDslCO+7tpfQL3ocEvIIkr0wYhr8R0QfnAutxKF:llDjckpHyO+pfQL4cEXkrqr8KQPMF","tlshash":"94f2f18b599c03d0b9bfec30ab2983f7a45955cd44b0416abf8aee70d2135f94b86358","first_seen":"2026-02-24T14:23:51.465777Z","last_seen":"2026-06-06T23:43:56.12804Z","times_seen":30,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":86,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"geoapi.btcoservice27.com/?type=json","fqdn":"geoapi.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /?type=json HTTP/1.1\r\nHost: geoapi.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T9g%2BvVGTz89JHF57UZz4zV04oS%2BNZKmqeINvAXIqM6TJGF4bnwJo55t1MlGsYD9GHQaj5y4thxpoGOqYUAwZXZFp4RfZAWOylGDJLDIvV%2F9ovjAD0QKxrg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=9K.v0Gv9qpUPiZOc7U0BPX_4dJNipdINl._Jq94jP60-1772117635.0581415-1.0.1.1-kvjogkUV6ExL6n6YcqB9VtNCi4mvE6hw_y1cLdRrWNoym5VF2f1T35GY_dGqv509B48YXxrxEeQsppN6gbcBgpJ.FaRlnRfECmnaJdaJ920MEz.CiYsXFdK.sbW5DaDQ; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\ncontent-encoding: br\r\ncf-ray: 9d40465318cba0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ae0c7b15f7b07d5287f4f56fc107254a","sha1":"dec4cfb67f23a362cf007e3414411a871f42f8b4","sha256":"e64d2e0a65cac499cbd1024efbfdd31a982c7a1d825de1b2bdcd6e4001e7854b","sha512":"74b1f188e6f60f077ee12e4556f5d70f415e2e0f89f8c513a50df271545efc9d30f25d65a4ff4acd1cf25c60d0a70fd5664bfd72608ac1b75237a02981991b8b","ssdeep":"","tlshash":"c0d02218184d8d8aae34c2882a4fa9331ab220ccc28f40c4828aae31c3d86ec3288840","first_seen":"2023-05-08T13:32:10Z","last_seen":"2026-06-06T07:02:31.879116Z","times_seen":186,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SystemBetCalculatorContainer-BmSNbe1d.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-BmSNbe1d.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"378-C6Zo3ldTKpnUnpq0AXY/6IvtP7c\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=llVrRag73wBIn0H4NfVAdBACjJ2PG57PqF46ZcuQyKJxX4v%2BkuSJp0FH6B4Cs7JSrCshf2RjWzZqv32VWILlA%2B4XMZxgTe5Pd9mBwXWyV0hU\"}]}\r\ncf-ray: 9d404657db1be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":888,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (544)","md5":"690145235a675d77bd5d22c88fdecc1e","sha1":"0ba668de57532a99d49e9ab401763fe88bed3fb7","sha256":"de4489e163ab1a989441ebac43016178c8c04ab7a9915ca5bd58da750b0c8caf","sha512":"e788679931673924ed51a6cf036cf5edfce7f1c8f4d6c13f36176b4400cc89b91e51b0355acd38c7706775f1569c52f84f6f21a06bb9369eeca5ea85a3957593","ssdeep":"","tlshash":"a1119c539718ce75848a0f660945a0541db54618a918f668b6e58c3cf51408387fffbb","first_seen":"2026-02-24T14:23:51.314888Z","last_seen":"2026-02-26T17:03:57.912547Z","times_seen":4,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/BetslipButton-tfWg31Ws.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/BetslipButton-tfWg31Ws.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1a2-qYBBr8bkBbH+tRTUJEF4e263Fvc\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=haAjFo%2BbnXwEv9AYZkWNmEuN%2B410nwuScgYe6Vo6RGMLOLxbOMUyiLIxCSp9qjlcJvNvIuhOCbc02gOi90DU33Cy6BGit1%2FkulVdFpg3hmtn\"}]}\r\ncf-ray: 9d404657db21e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"3eac9758e461b39157cba1601935dac2","sha1":"a98041afc6e405b1feb514d42441787b6eb716f7","sha256":"c93e12cd7a9021b060876cbe4384088c2c2183d1617cffb509a17dd883f51d04","sha512":"a91e554873ed7ff7c4ae676e2fb3fd11f331d987f097d1b82f7ce55e45d95b1e99c534efee805ee87f54a34d314b8158c9c96f8887d987a4df027f9fa1c89d1b","ssdeep":"","tlshash":"16e0ab478888c2fe07425e82110682123c2795bca250e69180ae6c657e38646c81e52f","first_seen":"2026-02-24T14:23:51.354145Z","last_seen":"2026-02-26T17:03:57.763051Z","times_seen":4,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-MCEY36CK22","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:44 GMT","end":"Mon, 27 Apr 2026 08:36:43 GMT"},"fingerprint":{"sha1":"60:4D:15:F0:37:85:71:03:3A:5F:40:31:C7:D1:01:D3:83:25:3A:02","sha256":"67:C0:9E:02:17:D8:19:0D:DC:84:B7:81:9F:AA:72:31:D5:26:0D:A6:E0:AB:41:AD:C9:26:05:57:7C:19:35:3A"}}},"request":{"raw":"GET /gtag/js?id=G-MCEY36CK22 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\nexpires: Thu, 26 Feb 2026 14:53:56 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 150531\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":455510,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"5589c0925b5e327da2a98b989e3b3669","sha1":"111f7c51fae10067725ce146da741ea6907a5306","sha256":"0baa4170e560f3d60c69c4f581d1b39cfea58995fb231643fe90808f5bde551f","sha512":"b3b9b8588c2851c86f5c57eba7cec1acc19856de2c9865640197a42d3464ec87bbadfe8995c09c0a52ab1c0d4cc1200fc358c988513832d8360f1493acb841c0","ssdeep":"6144:vMakI3dclXYZfoDbvGPR8JLgoQ99orRUO5N8X1XgyznX6:v8o+lXYZfoP6R81N8l3G","tlshash":"bca409ce73d674225297f478903f018ba57b24a2b48cc89af189cce42d7469a4277f7d","first_seen":"2026-02-26T14:54:53.810931Z","last_seen":"2026-02-26T14:54:53.810931Z","times_seen":1,"resource_available":true,"data":null}},"time_used":414,"timings":{"blocked":109,"dns":1,"connect":28,"send":0,"wait":67,"receive":79,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/327.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/327.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1270\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Apr 2018 18:33:40 GMT\r\netag: \"76f16df0cd8d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sat, 28 Mar 2026 01:14:30 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 49167\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=Plmjc01APpXN647QZ.lFO26wfbSv0UB6D_9RZLFTVP0-1772117638.1306727-1.0.1.1-8Eyh.SE7XF1Jgi8rPMJBG1PvFFztWJaHqMMl43ZszIumPeOejIPCD_IUKC9PpodmPzidWuGlHgF3arTDsyFeycHOFIqAaCpEPIUaqrfR5rtkSkYYLYCXL3KnjYrRQ0oh; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Va2ZK3PCspd5l2%2BWSy2MzKZxlB3rIIcIhw7KEsaoe3v5IJr115RN3K8%2FIDSrR5%2BrC0VemeOfIMXJnAQrpg1hYizIuRJplfVAK2%2Bl6%2FPgycObvQYfU9E16x%2BIuhY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046664de54c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1270,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"df8828e50ab62af9995e91cfae20161e","sha1":"bb027a65862a8c0aed68d45553dc29f07e65243a","sha256":"4eee0f6174c938a486a78482970e8fffad98e794f7661f0cf856596b4441c440","sha512":"ee1726c164e8487378311286b7be25db0aafc1a57bff920199a7dea27dc58bb3390cf68b8272f577b0b6c7ae9cfdf0ddfb90df330d6c3ee62228a3b2c778bc25","ssdeep":"","tlshash":"a721e7a3ff241c4bd8e67297ab7d0a88cef612a6249be16055b0c23c0a1516004daee1","first_seen":"2025-10-05T21:52:36.047183Z","last_seen":"2026-05-30T18:23:45.155338Z","times_seen":21,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-Dm17uEDJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-Dm17uEDJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1156fc-+74wfoU1f4QE4lVbKJb4qsfr6qA\"\r\nage: 1\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YsGyRqNZrzxSc6gTsSy96Q%2B3Wk%2BNcz1z5r%2FTLoERpDWgHimobgojU0MPYudBerFhTlprZS8vqs7NQm%2B45Jje1PVqqmCvdu2tWQWAUL7eCyE6\"}]}\r\ncf-ray: 9d404655ea71e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1136380,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (25434)","md5":"eb4a698ba61c4ff2df2974c97abe3b1b","sha1":"f40e44d2650a76c10193192f52a1c267feac00fe","sha256":"17b6aa3f2fa1da41ab1b6e4109948b3b06108da0a0fc2023fd1a7d9e78d9921a","sha512":"66f305287de07cee80f919b5fcccc13b07946c4c61151e24279ea2fcfb5d41b52efa07037720b7040e5f4d5d73b3f26d66f7bf05b08465620c1812e877c2193e","ssdeep":"24576:cWVkHIx9sL4CFLHodjJhtBPZ2d0gPGYZYqjmsKmZiKif3ikAXEt70VDbyzWiQnux:VVkHIx9sL4CFLHcjJhtBPZ2dPPGYFjmH","tlshash":"73257d85b059b97997b709e560af1101b1391e04f44dc860f17cedae29bd808a2bbffd","first_seen":"2026-02-24T14:23:51.186995Z","last_seen":"2026-02-26T17:03:57.854645Z","times_seen":4,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FavoriteGamesButton-CMayIdHJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-CMayIdHJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1ab-CgeCq0ATcH8nw1QvrZikJ1vgJWY\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r9Z8tt0a3w9xDzl5e0am%2FYmVmz3tiZWIhoIhHghV6WV%2Blc25wS76DIqU6rCnAWgeNc%2BK1FbQfDFfyuwrfJL%2FK02dOjhODwNIzWn6fPzwZJwc\"}]}\r\ncf-ray: 9d404657baf6e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"272697ecc5d859b61a93b0b0508d2361","sha1":"0a0782ab4013707f27c3542fad98a4275be02566","sha256":"c28bf4ed911a1e3d95ee88f0294ca02d9018275938aa0d5ce62559f21ce18d54","sha512":"5359a5b24b62b4ee9bfbe3fdef282c4e44b9ccf8b2ca3dfb73138287b4bc2abfb1f94f0daa37c4e8ceda755456e63bbfb771a5f8e884683a664fc97e17151f1f","ssdeep":"","tlshash":"04e0ab0be4c9e2fa2b826b911607c1282c2be4bce7a8e19050de04643d35597c81e96f","first_seen":"2026-02-24T14:23:51.182796Z","last_seen":"2026-02-26T17:03:57.838455Z","times_seen":4,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_dd37a279c43f0ccbb760be731379303b.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_dd37a279c43f0ccbb760be731379303b.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 141024\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Jan 2024 11:52:54 GMT\r\npriority: u=4,i=?0\r\netag: \"65969c16-226e0\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=OKhgZmSBm1GmxSUFvhfIorBtd_4tQEWQHW.XWaL5s1o-1772117637.79012-1.0.1.1-dvQ_JEvrSB3fl3GBnBFC6s1UMBaUeN39av3go9dVRmHdKnKHqwshXYh3iw41Nb_dQIResm6UEUPNTa40p5swzzllydeie6WmJennvAhTBUmwVbUcShfNJDSqISEenDQd; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5EoeZzOy%2BZpXy6GR9roF8cGM90Vhd69c4Ra4%2BDej7o%2BmDgfCQcGrLo4zYCP4ODd0divMpaaIhpVaU46IIflltH9AIBzAwA%2FbIRvldhqm46XTb9aSbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046642cd035a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":141024,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f1908ce8016950b6f3f5cee3256d491b","sha1":"80ec67cfa39f67fcd9c9ab6addbafeac07d052d6","sha256":"03cf5790335927a6e35c79f28653f6460e05145a1df56534eab746b55d13139f","sha512":"cc26ac01f7f591007f2c398c608dcf25c0ce6258bd13d202237a891a6792d4a9e2899fc44baeabfff9a4a7becbe8fc1859086852b64cfbce3e39555db2f4c5e3","ssdeep":"3072:Jue4D7v00XU3boz/OEjj7laE4webThg7TF6/+lqGQ8f:JHI7M0kr2DlPeuPF6e1f","tlshash":"acd31261ac51709522cfeec209d32b69713237d0553c29b4a49ae4625ed3ac2da33f5e","first_seen":"2026-02-24T14:23:50.909304Z","last_seen":"2026-06-06T23:43:56.093565Z","times_seen":14,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/457.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/457.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1609\r\nserver: cloudflare\r\nlast-modified: Sat, 09 Apr 2016 09:04:30 GMT\r\netag: \"e8e459d33e92d11:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Tue, 24 Mar 2026 19:44:49 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 328148\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=wILWiZsmsTQk7Hw.1XJ6kfZQ5j1X7KjhqZn42NqIlYI-1772117638.1640747-1.0.1.1-mKg6eHozSzB3b_1XodwxYX0KL1yNQH2WXhpghbJhKhYCTg3Sc1_.6PQaiWI1EV2oeqic1REqB.TIsTRhJDWQpWumGtkDRt0EihqXQjJTCMYmf2jZ.ZydsA_MjIhiaVo8; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fM7%2BO50OSL7kUd0io6LhJxc9muk9kqIJb8zbtvzAGHxeq4GCrbcYqIU4AgItc%2BWY%2FNZVoVRS2fDuaCrWjxMpPyk%2FvUuPgXpjmZmVwpkM%2FmCfGVM%2BxfWHGLamE5E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046668f504c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"e8f240529b31da85e653f39c9cbe15e2","sha1":"ce7e65d55782c86578b1124b65d0be70fb9feb45","sha256":"128e438318807ef58619177d83e0a8d4c2b8e4500fb3628e462c09f1d4512c08","sha512":"c19fa1c02318f51c76dc3eba3ad7abd754cb3c06e6e135c72f8f8375dc8c21f325cc1dac1f41b453e1cec664adedde0fe869740f0f0a796c5cef557593fadf11","ssdeep":"","tlshash":"5e312aa3a1ee620f2f8ed0266c6660f875b100625e5fa32cc648d02253066f70d133f2","first_seen":"2023-09-18T21:18:01Z","last_seen":"2026-05-22T22:07:05.96918Z","times_seen":385,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","date":"2026-02-26T14:54:00.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.recaptcha.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Feb 2026 08:14:23 GMT\r\nexpires: Sat, 20 Feb 2027 08:14:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 542377\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-08T12:34:47.714374Z","times_seen":873346,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":92,"dns":1,"connect":16,"send":0,"wait":15,"receive":20,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/lodash-BtsIEKKa.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/lodash-BtsIEKKa.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"28638-levksTw/7ZT3AoNV3Eni1s4AOI4\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kte7icbKm3TwhMsrSe94OcVD1Q8Sl0s1AsQkR9k2Aq9ArJ41cGBCus69OY8pdWd0pW7nxzFj2AN6ZCPSXo06Aio%2FBm1i%2B5vOE0q%2FW%2F7Di3al\"}]}\r\ncf-ray: 9d40464f286de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":165432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35494)","md5":"5bc7777b8892642f23cd66c6e8d340d5","sha1":"95ebe4b13c3fed94f7028355dc49e2d6ce00388e","sha256":"b63e578e7a1623b8704017a97c4c4a2fc9893e75cacb4036d7a44e0c4130d890","sha512":"7055ad31472662e8b5c146095854ace0e9c9ba9da557bc6fdb31cf77082a158465dd5eb9144c3c16209bf8feb546b15556aaa0449a60365430434c01913f7031","ssdeep":"1536:KR0fO7acP1TyOF/Lkj1hvbm5889266e0YRbIfY47ePu3nVd7oa+i5DnIp6EvIjLv:KScPuV/87IQ4Xn6sjLeN551tQr9M/q","tlshash":"74f3a0c835d3f4a283a7287440bf084bf23dad65a84cc554e1aae0dd7db8919c277e6d","first_seen":"2026-02-24T14:23:50.996294Z","last_seen":"2026-02-26T17:03:57.824337Z","times_seen":4,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FavoriteGamesButton-CMayIdHJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-CMayIdHJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1ab-CgeCq0ATcH8nw1QvrZikJ1vgJWY\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wLoupA%2BtAfsNIPeUXVc0NWdnHEf%2BVM8C9ubt7GA5yrzC06UY%2BKe%2F3T1oMg3uHOPBbzYmbQGVD94i4iI9WCoh0SRqFN3HkmPolfDYI39UTgYY\"}]}\r\ncf-ray: 9d404657db1de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"272697ecc5d859b61a93b0b0508d2361","sha1":"0a0782ab4013707f27c3542fad98a4275be02566","sha256":"c28bf4ed911a1e3d95ee88f0294ca02d9018275938aa0d5ce62559f21ce18d54","sha512":"5359a5b24b62b4ee9bfbe3fdef282c4e44b9ccf8b2ca3dfb73138287b4bc2abfb1f94f0daa37c4e8ceda755456e63bbfb771a5f8e884683a664fc97e17151f1f","ssdeep":"","tlshash":"04e0ab0be4c9e2fa2b826b911607c1282c2be4bce7a8e19050de04643d35597c81e96f","first_seen":"2026-02-24T14:23:51.182796Z","last_seen":"2026-02-26T17:03:57.838455Z","times_seen":4,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Tooltip-CV9gl-ox.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Tooltip-CV9gl-ox.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"334-Ak77TyGB79Nf97CZbjUX2xIDkdY\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xcJ6dz5fE%2FCv%2BDGGb5An9WcGnrkWv%2Bne%2FVdKlfP0fbpOizRtxoAmnp2JJWiHcEPs7qB8aC7lOobwk6dv8bVnQQ%2BdpasO2MjF0AHDp7i1cbic\"}]}\r\ncf-ray: 9d40465b4c5ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":820,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (819)","md5":"c664a5ff794ec2d4923355276efa0494","sha1":"024efb4f2181efd35ff7b0996e3517db120391d6","sha256":"0544e8134a6142b6b1562ae0ed7f436c4432371c51bd27b2d4ef7787dded9749","sha512":"7e3e1f83336d26f2e7024b35825c268d4ada8b770e4a4bbfab2b2d7d160dcea410b775fcab5f563b66fb1767aca1fa53e891581c14e489fc1529c703f82cf51a","ssdeep":"","tlshash":"1201f646e032fbf4e17754db142d966d7253266cbe2f58f0a038058f0ae4984d317b8a","first_seen":"2026-02-24T14:23:51.012578Z","last_seen":"2026-02-26T17:03:57.835687Z","times_seen":4,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato:400,700,900","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /css?family=Lato:400,700,900 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 26 Feb 2026 14:53:58 GMT\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2338,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ae317c913d9f17e384174fcac1e95f49","sha1":"97048ceeff296795e17fc282e38d26d44fce8bad","sha256":"0250efe84de4fea78b47bed1e3367687b72cbad25fa556879acfd9adf33f6b24","sha512":"3be7c2d8b49c8ecfd8fbe46e0e57aec92fe696894da6243f6b9f0052461f28eaff9b6974068276cde565287efe54a8a16379b21a522dfaaad925fa38215bfcc5","ssdeep":"","tlshash":"ee41ce92096fb908db830cc212c97d32ef0f625064499935afff14d8bca7d699362b0d","first_seen":"2025-09-17T17:57:20.126253Z","last_seen":"2026-06-08T09:49:50.571001Z","times_seen":7396,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":122,"dns":1,"connect":21,"send":0,"wait":18,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-common.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"d9deabdd1848c34f3ab46722f446c153\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40464fed460b9c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":240941,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65458)","md5":"d9deabdd1848c34f3ab46722f446c153","sha1":"ca3efc8a6fe26ae3556374b113dda96032edd201","sha256":"6a583970080e55cee4ced2fc7d5e5de94283f0e6eea428a50219b8e343ff0890","sha512":"d260841afedfa06bc864b92b64cf3bd1a323b2de447ce38cb1499cc6fccfab0da309a76814b6cfb20fae85fb5707fc72fec9996b64bfa31703445d6a933daa3c","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOrcErQYIMPdLMz9o115:kyWFW1W+fM4fFkBLMz9215","tlshash":"7e34c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","first_seen":"2026-02-19T03:13:10.643204Z","last_seen":"2026-04-15T01:21:42.632515Z","times_seen":11130,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/VirtualBetting1.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/VirtualBetting1.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=QBJgbP_56eKZ4J8M6fS6BS9eeXTSJWoUIIMpqh_pq8w-1772117635.7919092-1.0.1.1-3oOBDbdsYnE7AuZdMNVP.NVIj43ycMDQeKDA.YU79DwesX_9N848J3lpZBKZHGC_cN.JP3FpVq1CW_aaFu3EPIFbIjbJ9_jQ4j.VzhOAikX2XP7Poe4YGsbR85ks.uYk; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DCiL1ogyEH2sCVbTkYdwmy6RtMmQ672OVbxgbA%2B1ZK4rG7%2F3p%2FpEL%2FG2KHenuxkqIdUcKs3Tw3Ir4BsxKNzx9d5a8Gce%2FTsim8RFxiGviwKZiufuiQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627104-320\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657ba984c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":800,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d36eb3cba0196446e5ecd1a41eb6a1f1","sha1":"d6f113e0850fe1dcd80528c0efe40b1b9b0e38ba","sha256":"9e07f25c6032cecf5b0bb0c9fd6411af2930a1fa4be994a7c9125a9047e3db3a","sha512":"6eb0be89ad9c5f90473a271a751901c458c9dcabe6116b8fcdd95d97ed741328571fc081f4652f41f81a6a23eb7ff9e89e290b39af1799fe5d75b96ea78743b7","ssdeep":"","tlshash":"9201f1edd57025f0c4882befa76905652bff443b0552bb28ceaa0d0c3fc796d9210422","first_seen":"2025-07-08T10:50:27.844023Z","last_seen":"2026-06-08T11:36:24.236085Z","times_seen":1570,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-int-bucket.m-galabet1123.com/configs/928de3c284a560a4ec2990544700741b.js","fqdn":"dataspot-int-bucket.m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /configs/928de3c284a560a4ec2990544700741b.js HTTP/1.1\r\nHost: dataspot-int-bucket.m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=64b7xVU8vqY40yyr1n1JPmIOReZuPQc0PlDGh4gGgvuApi4%2FirjC1FfIOL5OozxZVgxH6I0Tym0KgaEYM4fppKYCi87jAhOrc6eMicpDfjURoG%2BcxfUGQ55u7dfgtBMxIhvx%2Bns%3D\"}]}\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-cache: MISS\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465bfcc4e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-int-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoJackpot-DoBzeOXX.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/CasinoJackpot-DoBzeOXX.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"37a-3cN/qSBv9/JMk6FQccXMrzxKN98\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SGWnQNOS34kh6t%2B9ZatplwmgxtSaj5Vu%2F%2B0cmZlQz9%2FzZOrewut69nyXu6ipkwOHpx5mwGQsEW9H2Qd94V4AmhSTu7JZv9slLWTKs8Yd%2BZe0\"}]}\r\ncf-ray: 9d40465dbd4de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":890,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (889)","md5":"fce9b3cfd468eed48d05649525ff5ed8","sha1":"ddc37fa9206ff7f24c93a15071c5ccaf3c4a37df","sha256":"954d2d5703bea36e3674bc3c5ff566b97db4ada799205a18ea5f83d0baa9d458","sha512":"6570def11e173fb4563ee7a075ce4a1399ffa3b9477e08c1a3102b8e78091fc7e926575fda1e152fd436cae5999b5a77d6b6484d6ed5c93084dcc6e02c63a171","ssdeep":"","tlshash":"b1110087e01bf3f4c8dc58e540a5955f0b2e2f7af72081d0545c4b385a25857f56c7c2","first_seen":"2026-02-24T14:23:51.364102Z","last_seen":"2026-02-26T17:03:57.805473Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/292.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/292.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 1410\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Apr 2018 17:42:50 GMT\r\netag: \"166e10d65d8d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sat, 28 Mar 2026 01:14:30 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 49167\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=xscHNHmZSEgw4.clTmqn1uSU6GIV6n5JxcEO.tizX_M-1772117637.9818387-1.0.1.1-dS3rffu_BH5KmXO0M0Zac58PSgTpTkGaIShChJkICT93pdLCtasrLgBqnc8y3kA6M3d4uiu4TXgSlehahtO_dzSYkq9IeKvWiuieYIu6yBszglDtY1dPv9mXo83m3fTW; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KY9oERfY5Tousgv11ryc39VFi%2FZft0mZTvmybnWH6%2BtmqJDFFZ1GOV1jCUJlkJWSJ%2BJyitXpaCSg0ZhAB1%2BQB8bUCmU9m9lKWl0hjMjs%2BI8wToqy7deMqNaWKk4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40466568c94c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1410,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"b7b911a17fbfcdd38252cd954cc196e7","sha1":"cd87b2fb8a31209aca52863035d4fb13367f5d20","sha256":"d814a31b6d2af3bc9d2e71095bfca1cf6a4e037a0593679480e556edee7e1b08","sha512":"245e884549ff39fc582002589b348963c43dc9a815e1ad16ab142abbf5e2b9497cf35f76020765962ba041c232bf49efecded275d27287540ee9b929259e30a3","ssdeep":"","tlshash":"742108c8032864ecf92f8b5d226ec0a4c76513fd23b030d83081fca261029c84ae88ce","first_seen":"2024-08-19T17:43:20.936919Z","last_seen":"2026-05-30T18:23:45.181246Z","times_seen":35,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/eSportsLogoSportbook.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/eSportsLogoSportbook.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=yHwlOwGb2R3Ig1_3tFTv2Z1lt_58JKwAYNdS2uUOQC4-1772117635.792488-1.0.1.1-ES6Gst3FHCjycq5jaelX7Jxa.oe3D5Ays8YgP1QkdLMiFCJF5e.ZlhPzRTM3CXBv72FWgZ4.35Y5ulozMjqjHqJm2t9HlPgdAxd7Lit3xe.7RcKBDpUc5Lfx.NQk7FZH; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HGa2hsA92mLMVjQr775dWhCsuXiHO3noZmCto0qS6bfgy1ZxDYWIBpAH6%2BNNzeM3LTRR8diDLL3tU6OjxOQNqtqdnMr6JHFT6XNLIFs%2BXlFjUDQ5xA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627053-43a\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657ba9b4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1082,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7947853d1ed29dd8dcd4f9f507e49866","sha1":"cb30cb5a0f55083522666ec3424780ddf247b264","sha256":"676e17bd005b7d157e248a40b8b8d0e1009615e5b426510dd0f5d8a158fedf9b","sha512":"0c46971a79be56e827f5df0f1f3bfa7583bf8a9b273075894c07378b3dd0ecf6800426cc7a9d5833626655d9f0958aa57eaf50ec7bcdd726fd78f3176efd9290","ssdeep":"","tlshash":"7c11d82cd3d8847cec39e3bc51356ca4704a48daedf6d275e25b89b05713758065cde1","first_seen":"2025-07-08T19:55:59.718474Z","last_seen":"2026-06-03T05:40:43.846079Z","times_seen":335,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-media/storage/medias/galabet10/media_751_81a0a78176aca202a6413bca3746cd67.png","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_81a0a78176aca202a6413bca3746cd67.png HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 13516\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 08 May 2024 11:53:54 GMT\r\netag: \"663b67d2-34cc\"\r\nexpires: Sun, 24 Feb 2036 14:53:56 GMT\r\naccept-ranges: bytes\r\nage: 775302\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=6T6QkOgshIB0gl9Wux0za2O0QNLVJnsNirLpLtz0xqQ-1772117636-1.0.1.1-4NZCYAwJ1YR0Pfaic2mxe5H0OVYnPSGB3svQgEeIel64avOHo.G.88VT5ZEh1_hg9QB4HBGojZoAVvYGGBdIxFNX3ZmLsQEsAC5aiASJZIw; path=/; expires=Thu, 26-Feb-26 15:23:56 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iNk1WBy%2FVp70VYCUpm0B8ooZPNIk%2Fu4WuHv%2F%2Bs06bvJNOWJsBriF20xUBmkzvHQd3JAoxZnpG8S9V3EFwEN8rwrdOjEivK6JgbIxPpChq0ab\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d40465b1c3de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":13516,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 340 x 340, 8-bit/color RGBA, non-interlaced","md5":"9fdfdff5cb870c3f0abb6cc44f262bb5","sha1":"c48fb4dadfa4e6b4de69ec0e7e02445057c7e0ca","sha256":"308a8c0f3d3f9792d26ea2d84bd633ff1f490ec83375b1613d29c0995f8b740f","sha512":"39264153a485e22fbc442e86234ce24863f5bcbfcd47cad34f5afc8715946825fc705491b2ef888295f017d98f393c44fb28428dd05b829327c7ed38db3d4b19","ssdeep":"384:CvHjxbUGUk1+EVWqPDks5r6BU+xND3AU8h:CvFHoEVvaDsh","tlshash":"6852d0f0ae72adf08ab16c81539d8d1e8473de7ea5913f0361f64077e64e40d390a4b8","first_seen":"2025-12-24T22:39:16.288188Z","last_seen":"2026-06-06T23:43:56.100804Z","times_seen":54,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/usePriceChange-CQ4NeD1O.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/usePriceChange-CQ4NeD1O.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1d6-c3O9yJeUB7EHs/ybuJ1hO+/mdzE\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kf8Wj%2BTGJAKKfw2rdHS8ivzUAuWS%2FVharhiGkMBE4K9yLXfGF9qU3AgczMLL2HpnMC0ghV6%2FEwMK7tzze6uoPz84VUbPsIicc%2FjJKvkjaZpG\"}]}\r\ncf-ray: 9d40465b4c64e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"d734f3ff02b9a46256efc81b7db6485c","sha1":"7373bdc8979407b107b3fc9bb89d613befe67731","sha256":"fcd3434c3c2ba621778d372f19f8aaf5cb131adcac607bbcd2a765cda41ff091","sha512":"321e139a46f487a92e3a04e3f4ae7c7966058360ab75507b71e10bb3cb651faf57d4e0ea49bceb28278346ac20cc9186839cf7fc1909527b910069f62b40f8ea","ssdeep":"","tlshash":"9df05cbe54901823945f0cc8c26486571fd126d56bbdc31eb230c82d375c9af0a6ee66","first_seen":"2026-02-24T14:23:50.894874Z","last_seen":"2026-02-26T17:03:57.782605Z","times_seen":4,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useSportData-Bwuajn-p.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useSportData-Bwuajn-p.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/SliderMarket-CiXvKW3i.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"6ea-NvLNjakVi3cygO68mYfTK/QAk/8\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D9qdBavptotYp%2ByYXrgulyyZ3wQbOLqSOv6skCXOQCHiz5Kcb0Yj8LhNe2db0LpkI9Anc8izgXn7r7%2BekGg1GZNKfUlTPdb6HXkFOZpP78Uh\"}]}\r\ncf-ray: 9d404660de2be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1770,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1769)","md5":"da8f7ebf8b11b7005cd6e2488d88fb68","sha1":"36f2cd8da9158b773280eebc9987d32bf40093ff","sha256":"a340fec9a35e98a62e30244c2de49edb6f7fe419bc358d2bdbf9ad2a803fc402","sha512":"027e8c487e0492b3be650de855b445a67fe1101ba9ab23a8e9603447b1f4f50e7b6173f5ef6b8619d39871b0bbcb37d0d8c2c6a8f152c64f955309d8ea16d5d9","ssdeep":"","tlshash":"1e31874c9164b070953948d6e0ad7a14d43415193b33eee2d85c0a297f6364a027ed7f","first_seen":"2026-02-25T02:34:32.60807Z","last_seen":"2026-02-26T17:03:57.798311Z","times_seen":3,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/453.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/453.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1330\r\nserver: cloudflare\r\nlast-modified: Tue, 15 Nov 2016 16:10:46 GMT\r\netag: \"78a9c7d25a3fd21:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sun, 22 Mar 2026 20:55:09 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 496728\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=7uowP5GUyRSLITRcaS_ZF3s2Z307NRq_MsRlpGKrW3Y-1772117638.156613-1.0.1.1-sjbee.mT0B3byJEeJzv6wEwaOjqIwZS1kDluIZeonne.pb_7LDSpesrGSyMK3E_yy4QrVe7oUwtDY83CWyZ16W0Vc7McK3KSWnYtYixOMKAL9rYgdQN_liMiwYZKZ3nW; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fjhs47670NuK3WeETA4qXB4Yji%2FaT9Hh1E2919j%2BuN%2F96ljBFaNaBs8YXjqSG3rfhjxtFpoo9vIUoHyNm8ygTbzFJhN3hjB54IiLUlcfhCO3tRyyxflK2fqWT2Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f034c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"27bccd1b2a7589e89611de6661f3d1e2","sha1":"9abf276648c8c088ba2b11abcca53557513a49fd","sha256":"929de36a3d7f13b228d8cd47a6d4cd3803650a9ec6beda705f40f7397e4ea027","sha512":"14ec40b0e9c97e373ca753fde31eb65ca38579edee34751d67cb7c471724469a063d87f398c47eac7105529168972249037c5a99a61c8809ada987a9598f4ea1","ssdeep":"","tlshash":"c62108bb3d8c34be5ca53281b2528064b96ba2b27693986238c0be081f29a441913312","first_seen":"2023-05-16T07:21:41Z","last_seen":"2026-05-08T19:17:56.007547Z","times_seen":365,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"m-galabet1123.com/__swarm/eu-swarm-newm","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__swarm/eu-swarm-newm HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m-galabet1123.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: sQ+WYQZE9pM11QT5kYBtwQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 26 Feb 2026 14:53:55 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: k2NJlKDp1qVCJd7cmdiEYKQM/5c=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=e9d%2FPlJPqLwTrwmpteUoJRu568PbbrSqZpCNhi4tgE1wJ3CVhZx3bUtkdUByeCpHiJR%2B1IeBM9b%2F%2FewT%2FnFPGTMCKp5K21DGmeI1zNNZ%2B8LPzPJmB21432O2pFPSd0Abcuxx%2Fg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9d4046536a471ecb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=7866\u0026min_rtt=7620\u0026rtt_var=2355\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2361\u0026recv_bytes=1249\u0026delivery_rate=378859\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=4aed00cc9440b424\u0026ts=727\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":827,"timings":{"blocked":0,"dns":40,"connect":48,"send":0,"wait":717,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"POST /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 179\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":179,"data":"{\"p\":\"69345a05c4e6ba197aefa96c\",\"w\":\"1jbq7v9mq\",\"platform\":\"desktop\",\"tzo\":0,\"url\":\"https://m-galabet1123.com/\",\"vss\":\"\",\"consent\":false,\"wss\":\"min\",\"uik\":\"1j_Pbe3wZINlDTDhzscRH\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-1333\r\naccess-control-allow-origin: https://m-galabet1123.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9d40465528d14435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1042,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"222cbef30bd6ced855738706ffba580c","sha1":"363b15cfb3d7a251b3df140df9c2aa60c19ac933","sha256":"80e85f49e7a5fa4662ffe6bd005aa6bc063665fa30276b3b08dba8cfff0a354c","sha512":"a16db89291d7304ca898b75739863f6713ed7c7944ddbe2cfefe449fee926a1c37e199f761001d1df830a887799ff6d5b7107c04261b2e6ee69356ec5a877c76","ssdeep":"","tlshash":"7611750b5f4d4d2957666a82591b7dd459cce66160d94014d8eefdc8326737e04c20ea","first_seen":"2026-02-26T14:54:53.821809Z","last_seen":"2026-02-26T14:54:53.821809Z","times_seen":1,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1688\r\ncf-ray: 9d40465ffc728a18-ARN\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEA-Bw7H9k1gZltgcL-Suew9FfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=690+4 c=0+4 v=2024.10.6 l=1688 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1688,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2bffc4df749e3b8f1d0890df22f4bc77","sha1":"ec3033a449dcff239808409c5d96d388a661ea37","sha256":"c7cc404018e711a83cdb04a08a5c5a12f54d1612b3d3cef12a0b7721fccd4465","sha512":"0ef53d6b15c58647ec9f81e562dbda560cd9f6287abf9d07b5e791db37b97879aa57c86637f7213ff127d4d10e4b8528ffc5368e085d8179d18524a4d506a649","ssdeep":"","tlshash":"cb311a52b99510c943825527eff4cd41971398270f3c61734161247349694b22df02d4","first_seen":"2025-01-28T05:59:32.01912Z","last_seen":"2026-06-06T21:30:11.571202Z","times_seen":1649,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_aff4011d6c5525eac140c93daa9b705e.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_aff4011d6c5525eac140c93daa9b705e.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 19502\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:45:45 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbeef9-4c2e\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=lh9avLcLWjO.TZ3qWA4_xwmgtzNtPd3TZHSkmWX6Sk8-1772117637.6829433-1.0.1.1-jLfFao3EMAmX3S4uuF00KOgBdLCWTaroPgotji1atSa3HYgG.l1RhTxzINp2xyZcvpxfpHAXvGljTwgyHi8PKx2NuvbApAdmMRbyGFV6eBom540rr1Mq4bnXNhyN_rcH; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nUkqt1DSo%2Bvyva2gItwwjjgYtmARQh5AymXisc77jlIsBiD%2BbT7XJeTAVb81seOzvmTvdm%2FQ%2FZ6B8tufPNa6XY2ucN%2BHgfUEDUMYAPEHxTbN3%2FMPsA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404663893235a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":19502,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fb8a2fce829b77a41898f77b8044a7d7","sha1":"ec930f3ad570b2b82de7435f403294373b9e08c8","sha256":"eff975d202b8198412f6fc60d2a9d0debe36d1ea2a413caba2b3ff0fa2146327","sha512":"b4021d2ee5657abe95d0115e5695c124cd500d20ab1d331c64ac4a416de874bf3cf83e9d79c50d133c843df31a1c2dd39a2188256f920ec027bde67a051a05ca","ssdeep":"384:jTMW+QrwvaBEDdPExxNOAZA2MSjnzJAkp+4avBq59InjItQua/ctq:sW+QrwvaBYPE3WNszJt8TBznfB0tq","tlshash":"d492d0f2949f7a4a5b93ef328c38c2011faf335d0b64448461c1f69544b495a4e6f9eb","first_seen":"2025-12-24T22:39:16.161133Z","last_seen":"2026-06-06T23:43:56.133354Z","times_seen":54,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/946.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/946.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1426\r\nserver: cloudflare\r\nlast-modified: Tue, 22 Mar 2022 09:34:03 GMT\r\netag: \"f82e1bf8cf3dd81:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sun, 22 Mar 2026 20:57:50 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 496568\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=lUqUgHqT75zSLXUkOyAgoKs4uWkNBhf6M9d84YNu7Zg-1772117638.159588-1.0.1.1-ztsnsfQ_kVfxdrL7itoEZ3.KGapVdR19UlblhpmkGcNtTKBgMSt7MEJcVAswUlWQ9N9ijcj7NxKUJDJ9ZOcFbST.Ji.JKGg1aZE5Jklkl31ZxC8CK4xoVeLJs63Y9tqs; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IYbKAIwfI7e9k0XGCJ7Gh8nfGuhZGBY3jXeRl%2Fv2BdddLUPXKv6W%2FEDhn%2BTaRThgPOO26gvkYLC%2FVDEd%2BDnXsArf0qKbRvIiQ0VO34CD2N9fwKhxRI9n7bCx17k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f1b4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1426,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"66a4a01575e7808c773bec77b270cade","sha1":"9a8392cc52bab97db72d6b85e5d9b86c616d9ca8","sha256":"fa3cd2c065b2549a867cec918fa183914daaa3acad7cd4f5226e78f2c908e003","sha512":"06a00dfc7ef59fa66cd52dbcfd4c0ac2f623eeb353dd6dffd094ab99365b44cdc0621f18bef56e1c3830aa897a3fc614ef774a3497a8687ca8bd0a28c4bf1497","ssdeep":"","tlshash":"212119d8de5800719f236c1701ae15333c26da7a9203aa65712fe2446408aac128a3ee","first_seen":"2023-05-16T07:21:41Z","last_seen":"2026-05-22T06:52:52.032818Z","times_seen":203,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/tr-DNMx9v2O.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/tr-DNMx9v2O.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"5b3-59/33iOLKMEO4likL9vPTINhKcE\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o4XzuEXNsWYEz8WSkz5SARX9c8bqb5V7hASML8SlsScCW24nK9F98VwwnBqaEXRhZZxqtUj3jRnKhVVlGfBvfbWahIu0Cghu3mQpswSGKaRF\"}]}\r\ncf-ray: 9d404652e9a4e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"1fd777bf8093133bb5a1287bbc2b7a38","sha1":"e7dff7de238b28c10ee258a42fdbcf4c836129c1","sha256":"f3d64453462e4b3cab922024e5433aec52a85ebc8ebe805bea754142a074d3bf","sha512":"0101e21f6937710e2cb6d7a2a8a3c486e1f5551d293e734b62f283fb4651091180358049a6e655e0e2d63048a7a40c5c2dc71b78f41ab1286d2827a266e91707","ssdeep":"","tlshash":"2431624d2906eab2870159878c2f5f44f80d6a087136f5659be4d461ba709ee807eb3e","first_seen":"2026-02-24T14:23:51.318307Z","last_seen":"2026-02-26T17:03:57.781582Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 02:49:52 GMT","end":"Sat, 25 Apr 2026 03:49:32 GMT"},"fingerprint":{"sha1":"AC:2D:A6:7A:37:80:2E:24:CB:68:71:7C:86:FC:30:1E:1E:D5:AC:5F","sha256":"BD:5F:72:18:CF:A9:84:64:5F:E2:CB:09:75:97:03:8D:AC:00:57:4C:64:66:E8:35:8B:BE:B8:14:A0:84:32:AF"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-chunk-vendors.js?v=caaa61a HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 11 Feb 2026 13:55:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: BjgPl3QA5IK1JuZYhXx185roQriMTjA2\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SGjHzrVxRjE0x0iPijsDox4lYpDgSgxt5IJTy77ZxA3%2Bq%2FoU4JDhwY%2BiGmKbTwK7buxhwK1hJQoYAGW8tiEDX52J0tPvbTkatbT9beEzHspOYwD7ojCFEV4%2FLficfw%3D%3D\"}]}\r\nserver: cloudflare\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: U0WqenIt1l8syzrXgkezXcKGlkuu_1Pu7rgqOZAZAot1MJQBDFVXNQ==\r\ncache-control: max-age=31536000\r\ncf-cache-status: REVALIDATED\r\netag: W/\"a2363889186e23777b4b704661794f3d\"\r\ncontent-encoding: br\r\ncf-ray: 9d4046623c661ecb-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1831195,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (36723)","md5":"c466e082c7495db98ee1686d003d2484","sha1":"ca5c126c2d6e71c98050cceea0e3ff60d908178d","sha256":"36ae79bf11f0dfe815aa2e68937b7aba68950aa0b3d80ed783ce3aed9163058b","sha512":"7da32c99dedf46fd8f78fd0dd618f9d9987d5b831eaa3d6f6066cd8d6f1b4a5f47557c4826bdd27859bd5974202cbe9af75ef124c5a76117d9ab8b37d5e266a8","ssdeep":"12288:xF7gB5EvtEvEEvtEvud6Bg1qgn+w7b7EqGDeuPLK3c8WsIJS8oqIpCFaFIpSAJya:xGBzd6BgJn+wT8ZI3I5Z7yq","tlshash":"16358288295ef7500957e0e7e03b2d08d22ec635f847a4409f7297b36ab2357e3ade15","first_seen":"2025-09-20T10:36:49.604845Z","last_seen":"2026-04-14T09:08:05.833697Z","times_seen":46,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":34,"dns":1,"connect":9,"send":0,"wait":111,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/homepage.json?v=02/17/2026-15:58","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /homepage.json?v=02/17/2026-15:58 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6aMtkiK5ooaNAqwKetZnQShyZbfDKJ1iKBBkZTktRuOONPV2UOnJETR8NIYF4xv%2BVlLyw%2BQj37SOqF8AwEHVOZy9iSxGfcRY%2Bd2DL0AzvaBK\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"938-QlkLW346b2vIVRB346mLDK+Fnkg\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046575ad6e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2360,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"675b507b70f39e07be8925f75058608a","sha1":"42590b5b7e3a6f6bc8551077e3a98b0caf859e48","sha256":"947b6764624290fda0991b5e06f0cc8ec17f469fa6ea3abd374cebd9a25fdf93","sha512":"a11bbe53280dbad32c58212b454a474a02a254a4704964cda44d191e82e32cf6dbf79afb0329eb54200f9b07a4d89a5342b62c726bbe3aa8fb0888cfccfdadaa","ssdeep":"","tlshash":"39415d3d6c10deb8b3a08a23d28267c16546d968c7d44c5c1cedea6ad3ed29d1484fbf","first_seen":"2025-12-24T22:39:16.115426Z","last_seen":"2026-04-30T14:34:08.174115Z","times_seen":30,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/branding-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/branding-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: W/\"fe979c92a5ad992510e5629b84a23526\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16664\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465e3d6ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19329,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19281)","md5":"fe979c92a5ad992510e5629b84a23526","sha1":"4fee6cd9de53fa82feef4042aa83202f4cd194a5","sha256":"de84306c96c98314e1a796f26df99a70f20590c535a678215d89560007b4dacf","sha512":"633913cef35247da29e85dde7c279353761606e6c508690d4d5924aa89f563354e44c51b053f785800fd3b599feb8fd2d69a2fe55162b4ccab95c84f8ed8739d","ssdeep":"192:XeI2u2acuBLZNgxYe4fbfYLFFDw25lYVRgtUramxi71NZcFRKV7:uTTacuVZNgxYe4fbgL3w23U3xi7vD1","tlshash":"af92dca3b9e310dcd557c632c0d1f67ca82f9a24c357c6e3a9037bb986827d7264198c","first_seen":"2025-05-21T12:18:34.239407Z","last_seen":"2026-06-08T12:51:50.348221Z","times_seen":34660,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2176\r\ncf-ray: 9d40465ffc788a18-ARN\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfepCHWB1qkSi-cNd1o8wsvD9BfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=16+2 c=0+1 v=2025.8.5 l=2176 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2176,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7b91b6e5024dfdf6e8a4d61f0f74dd13","sha1":"1614f764ed7b516c7768fae0966abab152ac7d1b","sha256":"00e34844a07301274fc65fdbb65891aa95436b94c4c860d9edfcb96331c5487f","sha512":"c3948fdb40f0f4154fce632acb88cf9cf57ce39d2858e4934d8820c4d5729da238c569448b5bcb6d1780e37f005cb9f5ed60093005cfa451a92270c4c0034566","ssdeep":"","tlshash":"48413ab2c3378c72ce2cb5e3e9b2d5168b449a5a91859afc22413d33a4b145cc4b89e4","first_seen":"2025-01-28T05:59:32.007883Z","last_seen":"2026-06-08T13:06:58.362132Z","times_seen":2953,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-BiJIhSTW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-BiJIhSTW.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"b6b-1Bg7yjdoLwUGDo0c5teGj4YMq4Y\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5BZ5NImRaIvUn6Pugy%2BEaElyo3qgOjSJQz5jlDDSJfREP0Ovy4%2FTiLjL7mq6uq2ZXJ5%2FVuRuO1MB0CwAo8pItOi7hLObhjbiBFad6g2LI8gt\"}]}\r\ncf-ray: 9d4046615e46e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"290dcee25f8e870092e0107cb9f53b29","sha1":"d4183bca37682f05060e8d1ce6d7868f860cab86","sha256":"0ef379043ea494139dc0f9b188aeea5e4a27103630a8f5fc565f4ece328dbd3b","sha512":"ebcb68e4da4f4a2a0c0f600e0003a5cf9a682273ffeb2352ed169c1e539a082b0c906ad037c92633945224fe94adcc66992a58eb154ffbdd8f137b841c348f30","ssdeep":"","tlshash":"ae5141c7a042e7f4bfe708e6429b10b074378d5cbe1b84a092be58964958752e36bf4d","first_seen":"2026-02-24T14:23:51.440572Z","last_seen":"2026-02-26T17:03:57.799137Z","times_seen":4,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index.BJU6hB4z.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index.BJU6hB4z.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:53 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"7f2ac-bt5pQaBXQ+YeczGTIrYKEv1cp5o\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rz6T4ZwPcoUop66cHayFIQnkUZzt2Cj1SnxkReRDQami9AIsubhfIIG6mVPs4Axo6g827XFLp%2FyAXRbeIWy3%2BnJK%2BAvRExWqU8JPpnTZjGAz\"}]}\r\ncf-ray: 9d40464a2f21e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":520876,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62128), with no line terminators","md5":"253c91af2c432ec0fb1cfc8c627fa9c3","sha1":"1d9654a6bb1c2b7f5dc0a8c438fb42fa8e0c342d","sha256":"a8db9e05980d2fbda999f3fd56ecbaed76b46ce3626248312fc5124e6e9a3af3","sha512":"89fc45820e9b40d5876f8108083336cb1824b5a24ab8accfbd1ff4ccd4d64d06fbc4336ee497ab3faaaea66290dd3bcebc324d83625eb5e4425bfd6e103ee27e","ssdeep":"3072:ET4qmaD/L6Zt4llM9b+rtIZpbTikkUVnseBr8SaQFr:EcqmaD/L6Zt4llM9bit+kcKRs","tlshash":"3bb4d9a2968822f87b33d61f93c5b39cb014f061d9621e6ff59a612dc6d27900263f7d","first_seen":"2026-02-25T02:34:32.53326Z","last_seen":"2026-02-26T17:03:57.971002Z","times_seen":3,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/508.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/508.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1287\r\nserver: cloudflare\r\nlast-modified: Thu, 21 Apr 2016 08:12:32 GMT\r\netag: \"c0fe8ea59bd11:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sun, 22 Mar 2026 10:59:20 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 532477\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=UYz7WFD3J3Ei4XcaCkqALEvwbm496N.60NqQ4pIZgoo-1772117638.1394775-1.0.1.1-dv2WfUf.E0t.I.oArYO6tUguHA7b2HzuhD2wR4qqtiPhJitONYlfgEnrUK7tDp2zM2sdos78MMdtfqBVEELKN144hnbIYNWjaoVuCBLP_y82BDiQamZz9SnhKkCs8Eev; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8d4tlN4tpR46YQXEd%2BiUDCjpYdZovT2YWLKK5BJam8ftchFF4xJl2t6VLFteCG%2BTZQLEj4FSMsrqRoutM9QzqGD4MBqXowD7nGu5EeKOhOkzPF6Z%2FJna%2FjANBkY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046665e474c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"240195d3bef9ccbadef65b0ca7edd319","sha1":"d66db66472223288df6b2efba965900f062095ba","sha256":"d50d09e4a1da04f755ef8a22ef98b6f3de27ba38d1175e620deb85480008a0f8","sha512":"71b8fb62c75606d1c8b13e7b08e818785252053ea7dcbdc5cc02f25b247962890ce3af62301c2197896e7a39d5e2d109560d62d7282c6f7a439933c5e18f6996","ssdeep":"","tlshash":"a2211aa49f8de8ce4fcca155554126f21066525b77c520c8d120942b44d9fe03996a70","first_seen":"2024-08-20T01:02:42.361347Z","last_seen":"2026-05-23T17:36:46.362523Z","times_seen":133,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e62o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:02.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:44 GMT","end":"Mon, 27 Apr 2026 08:36:43 GMT"},"fingerprint":{"sha1":"60:4D:15:F0:37:85:71:03:3A:5F:40:31:C7:D1:01:D3:83:25:3A:02","sha256":"67:C0:9E:02:17:D8:19:0D:DC:84:B7:81:9F:AA:72:31:D5:26:0D:A6:E0:AB:41:AD:C9:26:05:57:7C:19:35:3A"}}},"request":{"raw":"GET /gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e62o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Feb 2026 14:54:02 GMT\r\nexpires: Thu, 26 Feb 2026 14:54:02 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgsrsghrgc:72:0\r\nreport-to: {\"group\":\"ascgsrsghrgc:72:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 150778\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":455441,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"42c87bd4b84cb12bbdd5afbdd8463a4f","sha1":"d89d1902dbf3a6061b798023defdd14391da4166","sha256":"ce7c4cdda44052367a4a85c1f1c2d29d5a17d9831b49d1a43cd25416788439ea","sha512":"69c8e370eebfb7f0ae233412b2dd73dc1273684e093c334376508e644ac078c5ca63caa545de1c18f6ce2dfef32c86255f67f26fe75369fa8d0ed6e83f9a5831","ssdeep":"6144:dDkI3dclXYZfoDbvGPR8JLgoQ99orRUO5N8X1XgyznX6:ao+lXYZfoP6R81N8l3G","tlshash":"8ba409ce73d674225297f478903f018ba57b64a2b48cc89af189cce42d7469a4277f7c","first_seen":"2026-02-26T14:54:53.831068Z","last_seen":"2026-02-26T14:54:53.831068Z","times_seen":1,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_f00ad00088322c3724f224ea083d15cc.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_f00ad00088322c3724f224ea083d15cc.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 24390\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:03:09 GMT\r\npriority: u=4,i=?0\r\netag: \"6940151d-5f46\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=fswlSWBt1GIDkyLj8r7rnGBIuEteUSexdz1QUR0NHns-1772117637.6780343-1.0.1.1-x19KLdzhHgujNmZTRg8MvBGPUCYinmBR0lUxoD2rqC2rgwE2ADMEh7ln84pH.m255BETBj0naFa_G.BdTa_CIsisaiHoV1IzxbrYADXUfzZIuC8nIMYjq9Qne8EbfD1z; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VqMJcAfjf%2FxiabXyemGHd8TUBuv5xmd6isr6uW7p4WK8CHwRbGrTN844Y07soJmEKwhYKH1bcbeUUAuJJ2AvTrsdk1d%2BA6R5fuLpOpErhAWKxYFwRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404663790135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":24390,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"10a343e21bbc8dd82b9a351018ae46fe","sha1":"ea31b5994a6dbc5e2c49d5f6eeaeb1c6b16df3f4","sha256":"08550d26480f3f6cf58fb6b50ba9c247d35c1eba70b6f2ca467abec7c84a19e8","sha512":"7c2cd2364f94f5a82d27ea07f251eabd2b42a03d1e2ddcb671abb80b897803941c05d8d3e2910c5fcc9844d5fb0e608c6b2063f1bf7c932bcd501efc709f5921","ssdeep":"384:lKjKORGzizM3XqK4PhCDkQcL5F0cqx1/v+zgxjfTE/a7PPY+xbyWBuPcCgfLdC:lQ1GzQM39QEkPF0cSN2zWjfTIfKjBe5x","tlshash":"5eb2e089da8861645c84f4483f4e24d7bb7816dcebaf083e978d0ee835c99b577b610c","first_seen":"2025-12-24T22:39:16.06566Z","last_seen":"2026-05-14T23:49:57.36494Z","times_seen":59,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/948.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/948.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1479\r\nserver: cloudflare\r\nlast-modified: Wed, 11 Apr 2018 06:18:21 GMT\r\netag: \"5363a2e35cd1d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sat, 28 Mar 2026 01:14:30 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 49167\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=WDzz1vBIVoRbVQquUO_sK.MYo5v57LRMi4bagXyrSRU-1772117638.1448865-1.0.1.1-vll.H727ApLyIPWXzN6euoDFGfhcmh9aF2StIaL7FvP2V9IysIvJutODcmiCOq1iongSJt4h2GJ9da5ugFs0UHIgn1Uw2.3qpnQvBw1_m39Vr1gOZX59Ctjujsq.TP.a; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ggK%2B8%2B45p%2FaPMGmufCSJQ0vX5fLuYBvcNQVekTpuXEYwR0VJrpxVsDwpMbbV9mmvK91BRjrAR9vcjkReJp9knQjteN0b%2Fh0zt4eLUMAEdzrYu9qvTWRAaqP9qg4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046666e974c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1479,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"cdd117e74ce4e2128924bb21d38e0e37","sha1":"5c2a6a9c9b3fd6db83ad6377ff8f945154b3bc6f","sha256":"7571ef92df8e2643cab42acadf174497d4d651e348f61617dbe7afa39095b5aa","sha512":"c4587c9ca9649b5b7626a78695dcb32dc0ab65266dd6e0b6c353a607f76f5301a95a6c78e3b25dd6f76e5822d6680bb20a4f26daf19f55a1bce6ae82d5b1c40d","ssdeep":"","tlshash":"7231277328d3784e73837a3f024a018af07a039670028ace1274e12d4ea1cb5585d853","first_seen":"2023-10-14T20:01:15Z","last_seen":"2026-05-10T14:37:17.44974Z","times_seen":209,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Predictor.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Predictor.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=bH.y1c4mebrEIhKpZq5qbdR0UqXSWxApZWZuuQlyjz4-1772117635.7928793-1.0.1.1-qKueSmc7J4NF.vnZOohErazNCjHr5D2QFubJBR3k346g6umLj_pLFOj7MsYAerNZJBaJnUK5kh1eb7f3Oa2kN1RCKdSEd1Dt13b09ZuPu6ipnsBw7nrqqg9NeOULmk30; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VzHiHO6lxUTMYTejkqn7LsLZQEHy3IZ%2FDveLwA2PNatKiYSFf8Z6m80fZrx08JiCcXSydYILwsVPHPMDqcAwIZBrIBVVn5YLnKDatdPUAUhhMfaHxA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"6862709c-2ce1\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657ba9f4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":11489,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9b3949596034c0e170589b0d298d8d80","sha1":"3ef85a6cf846b4e3c0453652cd192a92db48165c","sha256":"14ae74f8558911ae15ae063621fa5b3f92699ca40af8034feaf7da18e1c5b5f8","sha512":"cadc1b604d9bbb9116a00b9cae1c19156c46103627ff76f5040c8f249ed6f0215f662f45a25d9fa1654671e8c6cfa4b258cc01d7f165f4a6d1c443671b91f68b","ssdeep":"192:IDzUUkrlb5YU/aMstNifMcLwW/ykO8piJesLUoyua7aASt5KsM50FgJGPbdGl+Jv:Ehk5b5LCNi1LJ6gsM5KgEPJGl0v","tlshash":"d2322fe7cb30c0e038de25bede2a5ed93a1ab4bd5ab1d044536dbc09d6c3dcad628540","first_seen":"2025-08-06T06:15:59.472831Z","last_seen":"2026-05-14T23:49:57.427522Z","times_seen":97,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":60,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e62o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:02.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:44 GMT","end":"Mon, 27 Apr 2026 08:36:43 GMT"},"fingerprint":{"sha1":"60:4D:15:F0:37:85:71:03:3A:5F:40:31:C7:D1:01:D3:83:25:3A:02","sha256":"67:C0:9E:02:17:D8:19:0D:DC:84:B7:81:9F:AA:72:31:D5:26:0D:A6:E0:AB:41:AD:C9:26:05:57:7C:19:35:3A"}}},"request":{"raw":"GET /gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e62o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Feb 2026 14:54:02 GMT\r\nexpires: Thu, 26 Feb 2026 14:54:02 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 150887\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":455432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"fabf35169e1e0124051592ae6194dc8b","sha1":"f460cdc1fab203614a504f0dd2cc0d692352edd9","sha256":"96ade7154003acd2f81ef43c06cad1ee1c3706477559821fa91ced2a7848f2c8","sha512":"d84b2ea5058309b4767d9e9c060050ac22de4e7d8e52956669889cf1360632e52b1057e79af2ab9f9a59edf00a2de0fbaab630a394cf5659ee43e0364a8b4f0b","ssdeep":"6144:dAkI3dclXYZfoDbvGPR8JLgoQ99orRUO5N8X1XgyznX6:Xo+lXYZfoP6R81N8l3G","tlshash":"e0a409ce73d674225297f478903f018ba57b64a2b48cc89af189cce42d7469a4277f7c","first_seen":"2026-02-26T14:54:53.833587Z","last_seen":"2026-02-26T14:54:53.833587Z","times_seen":1,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":62,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-B7VgD98L.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-B7VgD98L.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/WagmiConf-DcRD12Of.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635394; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"466b-/Ts+QOKMoXhMODCvlRfElkFQ2ec\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XYizAw0p%2BrmDCCWgBUwrI2tZvcNnwWEWhzDU%2BG5x0ecbQ0XBA5Cukf7cifudv2u%2BJd%2Fa78aznhpGapnKBYGHLFd5JOLl5Xs7uT64Ce0DSLWx\"}]}\r\ncf-ray: 9d4046555a42e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"f3e977cdfcddfa67de40c9532207a4e9","sha1":"fd3b3e40e28ca1784c3830af9517c4964150d9e7","sha256":"ed155181d21e63fe4f536feee6db5319acce059ebcb51d535fda3eac10ee81a2","sha512":"eaf67df8e9b0cc8ea960822bf3065c8e42c3a75184e741550897ea4b7fb58390ee0b877e9e1e73aae3723aea8e9fa825e3a27a88531e74a5c15d18d931310bc5","ssdeep":"384:3Mci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJs:3Mci408FFnJrIjE3D/OY2E0xqpc1NKkR","tlshash":"82820ad0e2b4f7a642e86add80392074f2218c28347dd0f1b6b6edd974664cac56dd37","first_seen":"2026-02-24T14:23:51.416772Z","last_seen":"2026-02-26T17:03:57.901098Z","times_seen":4,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/880.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/880.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1423\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 11:24:17 GMT\r\netag: \"3ed7a714a6dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Thu, 26 Mar 2026 17:36:11 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 163066\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=67hzvaVmzv8pwJqCg_4oVvx.6HsRWNrt5sz9KS9UNWQ-1772117638.1429458-1.0.1.1-ZrpPb0USx.JhocALmsXFFykqKLsB4.4w_6ZqPsdvaE6Licune16muK2Ex5MgHdnBIybKdX9I38CnKUvBN3UShQ3ixTcoJJ4x_aHMsmrSM_12.DTWUogbgRO3kKG5lisC; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iHRD6Xl89yipamQqU1%2Bk%2BhE4xpM2uKCFQmIjlgQg4QtPZQHUEoKYXGQMXgXmJJ47mIwmtYfyFN6CeFlfJEhjVV3hWmQunqpeO7ilfSlSP4Dq7nucKqmqgOQbFUA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046666e794c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1423,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"800abf58d9a455a564a02191ffa7c161","sha1":"806d2635d3953cca8ea799c89f202df06fcb604e","sha256":"0b8dfea3e04724260819558eb90b8c595196700a42de20a44dbc9256267a1f6f","sha512":"8f1e79718b180c0777d50fa7d708e0e4dee94ff8789427fd30603e59906c05f00e99f613152d8d5cf2e91a0dbea5a171242d3142bdae26c9a892a1e7fad5b4d2","ssdeep":"","tlshash":"ee210be1a80144380ad775a2fdcb94b06db763f7cf61a10a6845e113033cdd9b443d6b","first_seen":"2023-11-25T15:41:35Z","last_seen":"2026-05-22T06:52:51.929519Z","times_seen":246,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/tr-DNMx9v2O.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/tr-DNMx9v2O.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"5b3-59/33iOLKMEO4likL9vPTINhKcE\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QjiB2%2BFQqt4Q0WNRtFUIIH2ytqd9QKGwQeZmkHPCfaXH82va%2F8E0MuwmoZ4wgrr7ZSBGGRjymXioT%2Fd0EHKJsT3kO4Q%2FwWdOQJ7ZjlfpfwND\"}]}\r\ncf-ray: 9d404652e9a2e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"1fd777bf8093133bb5a1287bbc2b7a38","sha1":"e7dff7de238b28c10ee258a42fdbcf4c836129c1","sha256":"f3d64453462e4b3cab922024e5433aec52a85ebc8ebe805bea754142a074d3bf","sha512":"0101e21f6937710e2cb6d7a2a8a3c486e1f5551d293e734b62f283fb4651091180358049a6e655e0e2d63048a7a40c5c2dc71b78f41ab1286d2827a266e91707","ssdeep":"","tlshash":"2431624d2906eab2870159878c2f5f44f80d6a087136f5659be4d461ba709ee807eb3e","first_seen":"2026-02-24T14:23:51.318307Z","last_seen":"2026-02-26T17:03:57.781582Z","times_seen":4,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/menus/header_menu_751_tur.json","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /menus/header_menu_751_tur.json HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HxxIDirNGDW6m48ikV3%2F8rnjQWWlRz0sa%2BqGmM1qP5R1Cjlor3e0r5rZxQvIw9GJlpE%2FcI4CHdSVsh%2F%2BFBlSRClaGCJcVnHtBCwsYcpM5Ep%2F\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"3e20-Axq+sNUh/9HRtNyMoCCJUKo54bo\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d404655fa7be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":15904,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (15871), with no line terminators","md5":"807930a4e5a83095316ed056cb74a9ff","sha1":"7cecdf28fcbcca6880b87db53cf2a12b132c252a","sha256":"5987a836da1b8a0fa83ffeee0b1bf2cfe4a7c817f5bd5ab7e3b5f0399207a0ae","sha512":"c991877b093733535a26e9ba10cde6bb2994e2792eca34c778bff6c23b41b81e2287752d27e779f92732c3e1d601bb434d192917620f03c80f50d65b1f02d4ff","ssdeep":"384:McwDCO9HzZmN3dpQ6evgsNnNTiAO2Ba3rqpm+x1A7TENAzgO+jKelbaP:McwDCO9HzZmN3dpQ6AgsNnoAO2Ba3rqA","tlshash":"c6621602f01e5976d3183e007cc76d5b98cd509d6c9d4940ad4e8acecbd94af8eca6eb","first_seen":"2026-02-24T14:23:50.954864Z","last_seen":"2026-03-04T19:25:33.685191Z","times_seen":5,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_2ac9238fd8684537d6f4ef60e07608a9.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_2ac9238fd8684537d6f4ef60e07608a9.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 175492\r\nserver: cloudflare\r\nlast-modified: Thu, 26 Feb 2026 11:05:18 GMT\r\npriority: u=4,i=?0\r\netag: \"69a028ee-2ad84\"\r\nexpires: Thu, 05 Mar 2026 14:53:56 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=sa5cpRR0XlPhK2Xb5z39bFjnVqB3ZGDkOZIHAoi5ZDU-1772117636.7980344-1.0.1.1-JJbhbT3LEPSeTuw87aw4vgE1Ljm42.MSMmaA392c0Iqw9rFK3a2H_8IJ77w0qMXBsLVPM7nJyZ3LQfK.xmWIhb79kwcyqaNHw6_I0ffIJMmLKo_k7BrFNTaflo6wPz.J; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:56 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FKxJLbBF6zrbmdgvAWYZeVoV8cd9S3fSc1yfNkUjNghuzwOcsqjgh5LPmaZfVVf1kvKhSZL2qoUqcx%2BXoKhZjp%2BC%2FBv4CKJA4haTgb4w%2BhSA1JZ6Nw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40465dfdee35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":175492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5c45cb245847803d40e611456ddb734c","sha1":"33412831c3389340f1405a8a6127d11d423a6e96","sha256":"dd4ebf85e456372103474becb402cd62b1d3b2d89da84151bc9d2b53bcd328d1","sha512":"650faf53e33447de1644886e18b8df6fd7efc3e39dd15471ef7e626ab5a390830a9c2ed68f736a06fc550827b9c1b98b289090460c10b040696d2e78b149c9ae","ssdeep":"3072:fr983QljEjvclW+S6rQLdFv4ICYSTBCLB6TJuutN/B5D8dCZ6RW9jnSpwOc6:D983QljEzclZNr6FpnSTB+QJuaN40Z6z","tlshash":"810413154d2e8bb4e97c7b865519b81f3a2f5a3d9dc300921cb4440ac7707ed3a6bfa8","first_seen":"2026-02-26T14:54:53.836756Z","last_seen":"2026-03-07T13:29:05.610235Z","times_seen":5,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/max-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/max-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: W/\"7c8224daff490314bbee102edaf64029\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16672\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d404660ee2fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":100307,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7c8224daff490314bbee102edaf64029","sha1":"13aabbb4f10305443e0fbb19c55fd27c149828a6","sha256":"a3652c70ae4477871298cf7fec970ce38a1a5f26a814c06b72cbbafa9c6f3298","sha512":"4a1ac844d0cfc147baefde211336f72422efaaa9c92b4e3a150e434aa3bcd0ca3ab49c34aefca46bed94139738c01ec1af989beb50b48dc747faef0cb8a779b0","ssdeep":"1536:f/Uifm7kUdwddCri1iLc0Lg261F2BBCrikauV3cGiH27PNWE98MGfU0nPROpmi0U:xauVLmi0V0d+tKaK","tlshash":"dda399b2e56710cc7363c22692c1faac1029e370c757caa6f827767d4bc25963562f9c","first_seen":"2026-01-16T00:46:03.978063Z","last_seen":"2026-05-27T07:42:34.872881Z","times_seen":27804,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-BiJIhSTW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-BiJIhSTW.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"b6b-1Bg7yjdoLwUGDo0c5teGj4YMq4Y\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jCLOkswl41u3q0RU8tfaxt9dj8gPLxuD%2BXaBbxN6NI96sZ8lvEqEWBl9PZ6ZuPNzNJKSFVOfol1jSh7hSQ8%2FNFQxUqaJ5n0Ugh0q1DuidKIe\"}]}\r\ncf-ray: 9d404662eea9e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"290dcee25f8e870092e0107cb9f53b29","sha1":"d4183bca37682f05060e8d1ce6d7868f860cab86","sha256":"0ef379043ea494139dc0f9b188aeea5e4a27103630a8f5fc565f4ece328dbd3b","sha512":"ebcb68e4da4f4a2a0c0f600e0003a5cf9a682273ffeb2352ed169c1e539a082b0c906ad037c92633945224fe94adcc66992a58eb154ffbdd8f137b841c348f30","ssdeep":"","tlshash":"ae5141c7a042e7f4bfe708e6429b10b074378d5cbe1b84a092be58964958752e36bf4d","first_seen":"2026-02-24T14:23:51.440572Z","last_seen":"2026-02-26T17:03:57.799137Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/501.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/501.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1553\r\nserver: cloudflare\r\nlast-modified: Wed, 11 Apr 2018 05:48:38 GMT\r\netag: \"91bdfabc58d1d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=PTMqSOJxPylMN31EGvLZuZa5ib8bD_VSXzdnt94su80-1772117638.146764-1.0.1.1-pDjZdV3N0Bixv0rkrEhfpnv3FQuakTF2MFllE_Hcdk_z9jVSd6PpJH_ZJXPPlVCfQJwPTb8SSr_nxi1.6A9sIvDPYakehSFgbCLRYEYkN7L19zdBnLHgC_KkRcg8fgG1; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1UQjq3UoulT%2BHzmqtZ1l3fJsL3J7TJ%2BIsUJgCYcpeP5Q4M4qsOBlkl6FWr4%2BBP72r4snIp3fcAWlUVzjKivm%2FLXlignQ2ja8wOhKojIvYNTP719LlgoBKOfUbpc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046666eaf4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1553,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"195e42a3ed0da86c469a643f5503d275","sha1":"f397e9c29e76d27a11122ac60780a47366ab8be2","sha256":"38b46854aacc74662d396179b8a5c314b60d439d5371a20225e6cc92b585b89e","sha512":"86ebcbb424eea7834f9691738cd97864463df6f784940b52d5b5048a6c75e1b74c73d93a69c19f4be6435268c71f4302343f97c1a543483ebab98d6bfc69c599","ssdeep":"","tlshash":"d031e8bdb34d5a7dd069239c3724e915ee26327f81110ee2321ca3604338ec94ba9eb1","first_seen":"2024-02-23T14:13:45Z","last_seen":"2026-05-08T19:17:55.831589Z","times_seen":213,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d21ad1b.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d21ad1b.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"1115e2fca9841903408279b7425f0389\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16681\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d4046687fb8e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3572,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3572), with no line terminators","md5":"1115e2fca9841903408279b7425f0389","sha1":"caabdc62a38aeee323b94ce629f1c12f260e7353","sha256":"8ae1a405e5dbd536b519694e1557e6b6ef73e4e679da67cf506cf43ff0f36ec1","sha512":"ff0e62573b59fbf6d2315eeb340a8bd798b0ac2a793b849665b46bf06f5fdbc774a27aff3dca3fde1c06b05cb8b5da46433ade1c441be88bbf0de9b2ebf6b9f8","ssdeep":"","tlshash":"d57193a8f195fbf98603e75240ff5322f0347955916ae025fb70caf803d44da6269f1a","first_seen":"2025-04-29T16:20:56.245573Z","last_seen":"2026-06-07T13:07:36.699952Z","times_seen":478,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-main.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: MISS\r\netag: W/\"da5bb1dc647470204df0e49f5afac2de\"\r\ncontent-encoding: br\r\ncf-ray: 9d40464fed320b9c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-08T12:51:50.330923Z","times_seen":85431,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FavoriteGamesContent-BWhyATt4.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-BWhyATt4.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"ac3-8yWCTrNLVrF3D4CWPHctjyMyETM\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G2qpvBMmdN8HkeadStlocdFZL8FuvQWChMF682qYTgVJZ94EiU3Xvn7GAn9%2BK9zt4w5akv3O74I4dVAtKGOIwFsAYrx9jbmv97OJD%2B8pOeLP\"}]}\r\ncf-ray: 9d4046615e4ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2755,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1704)","md5":"520492d6f1f44fba5d1f5afca843fae8","sha1":"f325824eb34b56b1770f80963c772d8f23321133","sha256":"c7d7349a97d49fe38ecb60e29f790b95bc64e28929fcaf25d26507769c95df54","sha512":"5e4491318fc800e80ae25f817e14c02f4787708539b9ef5ae96597170f432fe6a924209bbd0450631434b4c53d711a93ed68c09cca99a30f893e60eb80d54508","ssdeep":"","tlshash":"5151c51140415ff8bb9e5eda2e27c064196a438ca286c17da87c4f3e3818640713bffa","first_seen":"2026-02-24T14:23:50.928734Z","last_seen":"2026-02-26T17:03:57.788556Z","times_seen":4,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/css/fasttrack-crm-app.css?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 02:49:52 GMT","end":"Sat, 25 Apr 2026 03:49:32 GMT"},"fingerprint":{"sha1":"AC:2D:A6:7A:37:80:2E:24:CB:68:71:7C:86:FC:30:1E:1E:D5:AC:5F","sha256":"BD:5F:72:18:CF:A9:84:64:5F:E2:CB:09:75:97:03:8D:AC:00:57:4C:64:66:E8:35:8B:BE:B8:14:A0:84:32:AF"}}},"request":{"raw":"GET /lib/css/fasttrack-crm-app.css?v=caaa61a HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 11 Feb 2026 13:55:46 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: zbjvR4XmwNBIJlxjEvxcm_sn.IUZfztx\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u2GByGvVGgv8wjGoyN2vpNfEepjFa71fGQLCsGRY3yG1lECDmOgjwfJsPSreb92jQ9BJyLFNcpCy5anvz87vbcSJZQouXbQrZnIr0CtZZz0H5gJWk9k2YkH8y2A8HQ%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 30a448a0dbd4a52ea118d2e64f0535c8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: bV79b0DMOVvVmx4ZtkyC6Ewqh55RvKrowiJUt__pIp2AagG2_diAAA==\r\nage: 1382\r\ncache-control: max-age=31536000\r\ncf-cache-status: REVALIDATED\r\netag: W/\"7906aada543698dba1005a917ffae2a7\"\r\ncontent-encoding: br\r\ncf-ray: 9d4046623c5e1ecb-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":27953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27953), with no line terminators","md5":"7906aada543698dba1005a917ffae2a7","sha1":"7f00d6655894909587fe280ebf09bf57f66b4100","sha256":"5e2a69854668603fcd556f0b8a3da306e3de6d5ad4dee7a9e9a57ca998269d76","sha512":"262f19709cde3e7abb7bb6d9724437b042fe626636083b80376e35a91d1ea9b39aec82463626711cb60a8c516a1b909d53aac644f056e77929e736fed6d1706b","ssdeep":"384:cFukqharVUf5rKbHWkAB1MG4TmpcHyH3XHZw/XNPalHfI:ckkqharVUf5rKbHWkAB1MG4Tmpc+J6aO","tlshash":"78c2442302c02288ac2b892b73d50599d93ec836651b6dedd7433955c7cb77e3a6b34e","first_seen":"2025-10-24T22:03:16.572036Z","last_seen":"2026-06-06T23:43:56.076642Z","times_seen":141,"resource_available":false,"data":null}},"time_used":1159,"timings":{"blocked":38,"dns":3,"connect":8,"send":0,"wait":1080,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_4c091674cc1b8a757edda70f9a97662f.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_4c091674cc1b8a757edda70f9a97662f.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 19028\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:45:14 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbeeda-4a54\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=mSw2h..EBHPSpypibBlojmF67aNfBE5PY2xvdkjD1qs-1772117637.679105-1.0.1.1-2OuEKCopxNePsgd9Cw6_pbc.ihdI.7AYOWG.MWb5KaHN55NjQ.El8VWYIWDjnWSNnmYc4XFvxEm5xbb5v0SJ_X6dj6EviZe5DZIQK8WkzphLKIjOVNoc7nExoA.AmOrU; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4oLEsfjJwBUA%2F%2Fd9YNqdDtj0MEME4jCE96OSqufl79E2GaWmuZUbo8GPnTN6LITpk4jCAwHHoJyTDyEbXpoTnAArqF9ogzbDoy1WyC%2FEr8leT70GGQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404663790d35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19028,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"470ce435d160ed8e1bb2c716c12f2bd4","sha1":"42647d800b75281936e1427193e663f6c6aea371","sha256":"adf12d4f2eef34d98c80198b305fc79522cef8ffe98b36263a852afe7c7d3a54","sha512":"03487ca714d93651cc162135dfc4558db1a3ed137e1386aebdf37fba4957861664f6461c2ee462ad22e21484e3e8d4c87286b1935b412972047668e6a063c396","ssdeep":"384:TTMuAQQFE/lQynoYVSZv8D9gHyuiL7vF11TN2pWeLTmSdF//xIjYhop1uCCKEhN4:8u5K2o0WHNiL7vF172pWATpdNxS5pxEc","tlshash":"d582d13a8138838b86d7388ad4dd1964ba674a4c6d2a3815d37c6f8fd8f114d137587d","first_seen":"2025-12-24T22:39:16.382831Z","last_seen":"2026-06-06T23:43:56.120301Z","times_seen":55,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"OPTIONS /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-g12n\r\naccess-control-allow-origin: https://m-galabet1123.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9d40465438b34435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/casino/getGames?partner_id=751\u0026lang=tur\u0026is_mobile=0\u0026country=NO\u0026category=28\u0026limit=10","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/casino/getGames?partner_id=751\u0026lang=tur\u0026is_mobile=0\u0026country=NO\u0026category=28\u0026limit=10 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=6MdR4hc7fNLOaZpxICoOCbjYYAq8YwucGvGXMRA6c7E-1772117638-1.0.1.1-sn63QrRYrVVtSTOYDnUPFlhnSoUWmD4FH4WMJLE47SRJuwSsX7gmIqeCRziX2KRfVxjLfayPoif85YCFSqW6Zih3gE82VECS8ffpWuhBeyE; path=/; expires=Thu, 26-Feb-26 15:23:58 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wj4bcI%2BIpmJZBe2BtXHgorqz%2FZWVdt3PJItv1V5RWn0EZG3M04QA2dGKPdWJQegStHAjV938gMgb%2FXCM5RFCoIxmCvsvyeTEUcVGInQUJpFB\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465b5c80e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":14740,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c85bef594b944db4c3980bf09b941858","sha1":"60ce791ae1c7efed04f6def08c2e3fd460187b87","sha256":"d0731218fc07ab0f2cac6a2823f5c4e67cebb1497be3b93716365e1491145cdb","sha512":"a1455b26e134e81734cbf7a73b7dc412f6ce2b93d42b1df143d1592ea7dd11edcf9592fe90ddc379b852a380ce527c95790d607e3d29c58f2b40d5150258b910","ssdeep":"192:I1Z9D5iomhaMVMM55YnwKP56cz5FiM4MfcMfqw5J6if483/3Z9a5ioFlFyhFVcT7:Y5iuu5pQ51JU5iJ5s5f5I5TX54jsE","tlshash":"046222221e28ffe55f1a5c9228963c4ed8fd1ba39456bdc04eb9d8ed41e40d243b12e7","first_seen":"2026-02-26T14:54:53.841691Z","last_seen":"2026-02-26T17:03:57.770304Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2677,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2650,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/assets/images/attention-grabbers/168-r-br.svg HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 22 May 2021 07:25:19 GMT\r\netag: W/\"f66e029841759471d2ec78b86760dca7\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16658\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465e9d90e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22356,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f66e029841759471d2ec78b86760dca7","sha1":"d9db67738984efee3dd63cb144759ac0521c7dda","sha256":"5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526","sha512":"56ec42c707f42339dc21f9bbba6465e75fbfb92c42b4ea180c7f18120e522284b1fa792c63a214fd472ea47f93203af98ce67cc06ac317d945e619e3ba4e87eb","ssdeep":"384:yNDpPg81DH4/8j2CDFmKIk+pv4osVQ37MTNDsPa2vFqrXdCImKkkppDX0skQ3sdv:gDY/mxmKSpv4HQ3YcvEAImKJpDXGQ3sR","tlshash":"83a2243d46a0c3fd9ac5d2fdaf619068904da0ced1f7c74283e6869046e39d9f20d4ea","first_seen":"2023-04-11T22:59:01Z","last_seen":"2026-06-08T12:06:52.057034Z","times_seen":36674,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_d74a4ebe29a311acd768d7a041714545.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_d74a4ebe29a311acd768d7a041714545.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30648\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:01:17 GMT\r\npriority: u=4,i=?0\r\netag: \"694014ad-77b8\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=4t5VApLi7cs4ciIUTW9oHIm108yjbdZRrMKMdRKacf0-1772117637.6501696-1.0.1.1-2xwliVNeDkMgdxwM1Ti9wvdQku6KMpcy7qiRtY8WMpfPwvHcnZaoESr3oj9LFqgZsEcgHuFNqFBZxaYgodsNtIG4l9D7Kpn5.e8NvSaIIflmS_LdvgteD9EDkxXflyBF; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=06GuAXeJh38HLUlLhyiJhPhvBHWRdEG0Mjax9UgCZ3iuL6bVEKETciN6xXp0Yt52Ewmrx7FcZA%2BqjRzAjx8SCOgD1pPjRr58VxPUd3F1FMUhQkBBlw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046634ffd35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30648,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7e44c769c8b50867b3c5a5f351efe25c","sha1":"13946ee2cd8c9ff6b74ce804ffc950b06d3b096e","sha256":"ba8112aeb4f696d5320c61972a04ed6a623bcab169a49bf3e4c15309c1b8e013","sha512":"26c9ce08f0b8b8059777d5dd806b09613006bc84cedc0ff3ee4b8c01e3e1b07f3a5e06a698ba2674a46128901ae5dfff43ba656124bb8a6ce9b135d6008fb378","ssdeep":"768:wj3t8z10BKltBMdANvhvUsEDcb4f92KK4cduloRN1YfSh2+:wjY10oVymvU9Dcb4fkN1Yfy2+","tlshash":"0dd2f1f45e14f4d273822d3b6783643b64a7c0ff2e9b5db1279a007d9e36859540e28e","first_seen":"2025-12-24T22:39:16.17862Z","last_seen":"2026-06-03T04:20:31.99561Z","times_seen":58,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/assets/images/default-profile.svg","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/assets/images/default-profile.svg HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 22 May 2021 07:25:18 GMT\r\netag: W/\"eacd4642ddb798db835cf8f285bbbb19\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16672\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d4046687fb9e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4153,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eacd4642ddb798db835cf8f285bbbb19","sha1":"a2a781dfa78e4c6dfc46dce8c4ba794153769dcd","sha256":"d30ef5a13391aefdea0738a1e15d88c19e986f865409f9457e5c7d8468e15817","sha512":"7a0c8d76e514600948e2476762204bd1623e80557935953b2030e089a9a261172e2118d4b8c772f1f0f48930ec0370de302f1a110d453289f8e253c01cdb290d","ssdeep":"96:669HR7ixPzTDJs19oeU0vEbPo2U0vEZv8JLJA5tBLJyl5a:BR7g3DJsfzUdPFUzkp6PReo","tlshash":"93813068c358e3799dd287fcef7aa4f0a0aa50ced1f783544168865032a29dcf34e8d5","first_seen":"2023-05-02T11:30:58Z","last_seen":"2026-06-04T21:03:57.742303Z","times_seen":537,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__config.js?v=1772117448018","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__config.js?v=1772117448018 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:53 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\ncache-control: no-cache, no-store\r\netag: W/\"169-x2mpUKtIHtZCiLq2+Zi7uuHVLMQ\"\r\ncontent-encoding: br\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m1qZgxymlzT7YpnqyPr3vN29ez6EIff%2FQcMWnStw%2B7XSRx0sZT4nThtiQQeRnC2C5Y1VlgeW3a%2FW%2BB6CDCAeY3TACLHDdsg71%2FVAgKxlhCkC\"}]}\r\ncf-ray: 9d40464a2f1be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":361,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"2e7261456f5abea81d7523bd45bf9c08","sha1":"c769a950ab481ed64288bab6f998bbbae1d52cc4","sha256":"5128a0dec3d3e8442b757502e33a2adc2225b1cb5e29887fca5ddc391e6b4830","sha512":"c548c96bdea284ab95c4229dcffdc54677f58cd80542f91eeeeff524dc54aef0d45c34275a89612918895cf6a5c559f23c262c2d243ec388503615af2248512c","ssdeep":"","tlshash":"58e06820ed50087203256426541a1603391ac1cf0a0dbd0632e0186c9f8527f8db39ba","first_seen":"2026-01-26T08:13:17.653624Z","last_seen":"2026-04-26T13:53:22.515958Z","times_seen":26,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/___vite-browser-external_commonjs-proxy-A4ecGj_W.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-A4ecGj_W.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"b2-QM+wmhU62+2MgqFzZ/0RSwzshfU\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aJtrxW5cmtEsIfkdTf6aRSiIGP%2FlYOubliPbqZIn1QliLs2c3uayX92OSM2lSkU1g2BXGWrUWJ9XD6jYsfUhalD9ny5Uy0ucoSWN%2BsaUGHw1\"}]}\r\ncf-ray: 9d40465429e6e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"b0079630f69a9e2cdbe4b40abd97bff7","sha1":"40cfb09a153adbed8c82a17367fd114b0cec85f5","sha256":"63d661545d56e99771af0791fb8d64df0442fa66bf15c3cd130a4b9554809a5b","sha512":"df1a0c04bb298ac8e6b2bbe3f4b791a1d97597cebd1dfe507bebb9c6024dc97086dc2dc32eb2eb4add9184364d7c1ab3ba24eb3a6024a0c522b3963e0735fe78","ssdeep":"","tlshash":"63c080451a54ecb052871d828a159402d94c8d6d73f4f9d1bb4d8d55060258b627cf57","first_seen":"2026-02-24T14:23:50.964464Z","last_seen":"2026-02-26T17:03:57.910946Z","times_seen":4,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/live.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/live.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=gEEodWyRikeBdarpm3GPtWT_aYiHSWZzo.l9SCKI0.w-1772117635.7899632-1.0.1.1-StO6kNsINd4Av33HNTmaisKWYc.T9OFW2tnfOccoQx5HQYwMwrXMRO7_ONkurtrbyAZD.pQu7hQbnx3KTeB3Dyhpaf2ra1XlNMYxwUA0qmoELow1fZhIhyoWSnDqQFmg; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NJw6EziS%2FUYWyGhZhaL5iJnd6HkZnXP19tNU2%2B781si%2By%2FfKPqXU9qIocUnNNHiB1ktX%2FHOp3ib4M0A5x%2FiuF8ho%2F8ZJikX50enl%2Ba4AmT0JX0L%2Bhw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270d7-223\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657aa814c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":547,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"177a1ecefa857471d64fb388cf5125d1","sha1":"726ab602ef7c82c9db251ac2a8dbdd142a28cedd","sha256":"e9bbd35f8b3d2bd962d3811c39e4cf82d2448f40576bf0e2fc495f5231b2cd1b","sha512":"b17c2fbeb47ae4e82b2e4b65e0874d54bfe07636406d4d56c25df1af1ee331f298538b63766cb21fa96cad217f86c61c2a1a3baee117ceb992c194d80ee87513","ssdeep":"","tlshash":"10f0e9e8e0b48a583948712c1b1c28952e3b32330dd18a39306be32e1f1254673cb659","first_seen":"2025-07-08T10:50:27.692829Z","last_seen":"2026-06-08T11:36:24.458862Z","times_seen":1692,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":78,"dns":29,"connect":1,"send":0,"wait":101,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/withPanelButton-h06qeZmb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/withPanelButton-h06qeZmb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"441-LWBOtd77nT3oKQgrlf/bFPUt0tI\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BkieyUu2bAhRoiKVgjwr%2BvaNnckJyFGwMJ5CAEBzC89JMKrXL6208Vn0028ePFFM3LWkCqFNg8ztwuO00rKEBO0WOLaWVJ5i2rvljJBnPvP9\"}]}\r\ncf-ray: 9d404657baf4e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"dc9a073bc116168bb1ccb3db6362b167","sha1":"2d604eb5defb9d3de829082b95ffdb14f52dd2d2","sha256":"b2a956b6195a69a32dceb99f54f6ed7835b54ec4a5c855ca7bdedd26536e97b1","sha512":"05c7a6f302c209e94029ef151d80b3ee05d9d20e6398ec5a3515584fe9bdab6cc7a305803e23110d3233ef57f2925ace9d82d67f74be4b530563b2f9a809fa8b","ssdeep":"","tlshash":"5311fce5f584a9b2e0c41188577b2cb6759a32c9dce114d031b6c8ea5fa80489a1e9ae","first_seen":"2026-02-24T14:23:50.979064Z","last_seen":"2026-02-26T17:03:57.873198Z","times_seen":4,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/LiveChatInc-OVRSkU-M.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/LiveChatInc-OVRSkU-M.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"b68-u9zW9EjILAcuyKhar5S8lTW2WtU\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MbGFPQwI1mARxToDEiOH9XMPvJ9x%2FD9U0qnmpXKX%2FZYwE3NYENTkYLg4nVU8kjmrcbmc%2BVhpUB9Opvs8RGaoUVAoluqpdxPLXIuXSMVjWanj\"}]}\r\ncf-ray: 9d404657eb2de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2920,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2919)","md5":"386e892ab3803bf0ef0d5646d2308a0e","sha1":"bbdcd6f448c82c072ec8a85aaf94bc9535b65ad5","sha256":"e552579fd260888f85f2e29cd20c8c273cc94ffca451e80d79fce5f624465b54","sha512":"ffe631aa185f8a9db4a51fccbccee3cf40be2ffa228698cefb5d720f76cd3046f3858f6495c556212e84cc1454ec249017eb94c7a452a72f67f7e6bacbe635fe","ssdeep":"","tlshash":"975134dec43cb8b092aa67d1323f7b5f711a571ad4008d31656c4b0af61e4cbc467aca","first_seen":"2026-02-24T14:23:50.94711Z","last_seen":"2026-02-26T17:03:57.958513Z","times_seen":4,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/PromotedProductsWidget-DSoPzSu9.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-DSoPzSu9.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"7a0-RzNYavmAQgZgwaYozgIKNiEGsW4\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F8Plw7eqYqwHIGUrt3kQ2jU07TbSfZMnDRxWFH4jdmw1lnTGvSm9ThNLcgyFjWR8xHjuajQZpRtokKpcXHGwUdBFjyVZ9ozfyZla8cs3SNq5\"}]}\r\ncf-ray: 9d40465b4c60e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1952,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1951)","md5":"d25f49c76bf72dfb92284c6c8f2dc43a","sha1":"4733586af980420660c1a628ce020a362106b16e","sha256":"2ac7c3f2e2427cdc73697125a1738aa01a5fe580bbef638ef5212dd8a5294adc","sha512":"d86d81adbadb6bf8b8413a53dd5a04b75efebeca14413a687d0bcff91e54809a670e26d12566633c3048257c0e7577073444220d4b0890e9ffbdf6464d43f84f","ssdeep":"","tlshash":"d2415443d535a2b9f23a5dec264210c43c167d34d5b148a5a0b7bd1e9039826fb92ffc","first_seen":"2026-02-24T14:23:50.993184Z","last_seen":"2026-02-26T17:03:57.830859Z","times_seen":4,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useNotificationsProvider-BxGEeL4T.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useNotificationsProvider-BxGEeL4T.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"5c-rUe/qyjmXYNkrRlPutI65eeaFt4\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9VFQ6Y2Q7M2dXc%2BLTlKLebPRXGArfEvDlfLu%2BYtcaG9rmeai0lm0DUi3K3jimmnk1lfYKa6YDIrwDZIu5mb%2FkpzmTnnyGXbVfLC0F9IEhOAi\"}]}\r\ncf-ray: 9d40465b4c67e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":92,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"2d9d5bd0509144a8bc2d18c111af42af","sha1":"ad47bfab28e65d8364ad194fbad23ae5e79a16de","sha256":"2546dc615d6b471b0a8c83a0f9b156a345134b4484caf6574eb58c5954ba9100","sha512":"b5cde42dac7ae4b2a865530dfc69039ee3efe535764378d517e156747a03a735449ca23f15fe699894692ffcdeba8bd13ef0f84fb297d1605496ddb7f0a13144","ssdeep":"","tlshash":"c3b01213884013f061010cdc11149c294f31483c3381cbb05034811c11e80858b0e901","first_seen":"2026-02-24T14:23:51.043147Z","last_seen":"2026-02-26T17:03:57.849061Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/jackpot-jNbP6Duk.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"178-HTAHDn0O0IONuuIsgcQUMPs9DUU\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r9ar7iTfJiXKxhQXdufabL59Vxqp2PpGZyH13%2Fdzj7wpjOEZfoaTv7WjojeAF6%2B4Dl%2BbDhpyM1cuTM66JvyKgz%2BUg6NjmFKHw6ifR1mU1r6K\"}]}\r\ncf-ray: 9d40465d7d45e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (375)","md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-06-07T06:35:51.65736Z","times_seen":99,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useOpenLiveChat-DW9DTPvg.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useOpenLiveChat-DW9DTPvg.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"247-rmFrwy1jZK2IkzLjPuIguAtMyFQ\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fP60d4SgsA%2FKcS9X9nVmC6KpiO9rR9OWzAHQjya36ak5Io3%2BT2wWYsms%2F89lgK0ZVD4uTjmAyH8WcI1nqn10DUROmiyjywjeCe4n60o01QdB\"}]}\r\ncf-ray: 9d404657db17e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"e9ab582a29b68015b7e4ddf4398ef218","sha1":"ae616bc32d6364ad889332e33ee220b80b4cc854","sha256":"0f2ee7cc918524f36e5698ff96bf1d9a671b9cef7dbebc73cd1434e9e8cbd7cd","sha512":"ea403228177e00db134af06a47eced70c0a176ba505a98d37d158056b49443531257168c5aaff6e57543baad9cad1e990f2a9c29188801d9bae9ac5eaff1b3de","ssdeep":"","tlshash":"57f041da86804fbc81c0cec1405be5f45b2c0ae4700dc480a43fac985824c00467ac53","first_seen":"2026-02-24T14:23:51.066851Z","last_seen":"2026-02-26T17:03:57.79217Z","times_seen":4,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SmartMarketEvent-CIsZCpQX.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/SmartMarketEvent-CIsZCpQX.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"323-72zIQ/YxcmEEcwD4YQB/NBtjDF8\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qKbfksqpTd2JTMBJX1Zn0WdbDDDevvWtZQOybYi6s2b0vj80V4uaydONUNvKfuRnyWKZCfwkkR3IMlElqHhYjromGgf%2BMWo4m6DbvUUFp%2F%2Fn\"}]}\r\ncf-ray: 9d40465e4d72e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":803,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (802)","md5":"f3521a316d53fa50c2e0381363feea63","sha1":"ef6cc843f6317261047300f861007f341b630c5f","sha256":"9a19b1d16ffc3ae168cc81796555a5a30f33875120447d64b6e5bf0d1f1cc0ea","sha512":"cddae7eec47f003557983c216afce6b7c676027eaff33b7433724e29a41398528363ed9be78486b068174c44719c49ed394238ddd2e816b53e04addce34c096b","ssdeep":"","tlshash":"3401d0a6e85172720072ccbcd2109b43961812d3cb710255dddf8aba7bfc86e939df19","first_seen":"2026-02-24T14:23:51.208759Z","last_seen":"2026-02-26T17:03:57.767639Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_1da498fdc42586f4951ac17d7f37ac22.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_1da498fdc42586f4951ac17d7f37ac22.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33990\r\nserver: cloudflare\r\nlast-modified: Wed, 17 Dec 2025 11:17:11 GMT\r\npriority: u=4,i=?0\r\netag: \"69429137-84c6\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=uaozumsmdKPPAQshuvXhAeN6f5S7UOU1FXx.wiIaGRY-1772117637.6754303-1.0.1.1-r8qiu7jBZGyHmiamBM5jPvZ3o8GjTaEWnzGOXHbvORDULwyDDd4.5T8ZgC7DUylZt37HmWjtlU0il0V62KHqN03KfQJ1KOQ6eBjI6MNjz5jpHJFs1VhCYJ2SVdqNTBUP; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gzE1dSpFddib0iS%2Bsgo6FfrNvzKVFXaWl2yC2G60W8nv4sI%2FLXgJGCBXNrOEAU%2BhEPqbaqEcA5%2FzBUZ%2B3n53OIPGcpqEiNVMXMIstsQn5E1W8iAe5Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40466378e135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33990,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d56d2398c08343d9952cf54a2a7c677b","sha1":"3a413ecdabafa2928ebb8d3fba0e1c35c7fd0999","sha256":"99567ef402f8006b0b83959ff9d76e89b907d548a51d771d04c5570b431b11b0","sha512":"fc03c48b3202a3e3f975a49f54bf2b05a3a19895581812a1fa51e20b4af4aecf0840a04041ab8ca1c065098e9c9552e7fcb5e76da460662b6c5c726028d70fea","ssdeep":"768:LihWEwcrCPjUS9evbbemPNwF0O+gnVgaDwz0aix8jktQWF881Z:mhWEwcrCcPRPNwF0OfVDDwz0atj2Q0Z","tlshash":"fce2f157951b4f7b58588cf2aa088a813d0986d03ca19beadf18ac3ff21e577f309464","first_seen":"2025-12-24T22:39:16.197206Z","last_seen":"2026-06-03T04:20:32.009927Z","times_seen":27,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"172.67.73.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 02:49:52 GMT","end":"Sat, 25 Apr 2026 03:49:32 GMT"},"fingerprint":{"sha1":"AC:2D:A6:7A:37:80:2E:24:CB:68:71:7C:86:FC:30:1E:1E:D5:AC:5F","sha256":"BD:5F:72:18:CF:A9:84:64:5F:E2:CB:09:75:97:03:8D:AC:00:57:4C:64:66:E8:35:8B:BE:B8:14:A0:84:32:AF"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-app.js?v=caaa61a HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 11 Feb 2026 13:55:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: jD3YWZG5NtFt4BcajB7OMpiBQ.UUxxmD\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RzqAO4VxFnFcT0pzeUYz0LrsFekY1I%2FuIS2Itar8CVAMAKynrbDzVwPBrLrQM5tx7WP4Xiqj2tUsTfoK6L3mpuaZBKJFYo997yGksgTxuuSLz6yVBtT0it3ncrskGg%3D%3D\"}]}\r\nserver: cloudflare\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 4ded1750dc7e0bef188a5520fb9fef28.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P1\r\nx-amz-cf-id: -hV8Wv2wgF17EngOtyyibVTgTospDx3hL8ITh2OrMFPEstlcfpaJ2A==\r\ncache-control: max-age=31536000\r\ncf-cache-status: REVALIDATED\r\netag: W/\"c2b96460440b1358a43a511913fcc46a\"\r\ncontent-encoding: br\r\ncf-ray: 9d4046644b3f1ecb-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":75107,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c2b96460440b1358a43a511913fcc46a","sha1":"815bc669e0c05413dd3618b44e995de5200098b8","sha256":"6a86bcf9466e23eb5dd702ffae4b53f730cde0c3a160ccfff8afca7169cd7c98","sha512":"64c88dfbdb85e2b328f8e690a4829accddbc943dfe479a4210ddf28c872f5fccedd46f23c525e2653f27d6e3d24aefaac7d9500f8027c0f08ab2be0abbe58d13","ssdeep":"768:HQzjpSkGROiRfEu8T3eSwKo2hWN0Kh4yPaw6ANGp2u+A47WFfVVoO4kC:wHpSbROiVJ88hawKV+A47OVo2C","tlshash":"4773b88db1d2badd4de32021535b3604f23b1974542bd484f7acedd52a28b0be227b6d","first_seen":"2026-02-12T21:09:52.719393Z","last_seen":"2026-04-14T09:08:05.884309Z","times_seen":63,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/450.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/450.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1537\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 06:26:22 GMT\r\netag: \"ff29cbd2206dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 14:11:25 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 88952\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=f_5SKVEpdFRsZj83g9W7Y7DypFdRrpqGmw7xpHwGwvA-1772117638.0177028-1.0.1.1-3EIiKeRsL6FgHURm_OBQevYTlmmAalXyPqrtZP4wPrWfIiQFtt_Ew4bN.N_Mu2Bopz8sr2ZcICTmw8Vf6GF1iJlV2K3uNzOxtwTHIBmYfeYBG888xumyZVejbYO9j9Mg; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ean1r2ux5JwJcKjzdgkUtCEZ5T1eYEmiT%2FUIAr49ptQMev%2FmoifmphXfvOKMKGyuLITUg9JlzOYeNXDUeAuQR4Te4gCKepEs3sXqCPxasPL%2B6vt16LnP6oPWKjM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40466599fb4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"c621e52d6b711ec345a8eaccf9912212","sha1":"5cdd33fa5427446f27ae2d5d99de4ed458f4ffbe","sha256":"0181a3b87cffe7f19d7eceefd667a310ee356a09f39d0fb9aee47c228ac636cf","sha512":"8c3cbad9100e6b7131f61eb01f25e1c04f46708174e93c0cdf338f71645db838366a6d79d5840f5ef3807384743ac13d3a7bac0fe9b7502c7cca0e3be504c740","ssdeep":"","tlshash":"ec31e7b47781822dccef10a195de2254c4a1a0eabce03fae1f10822012658c93f75ba6","first_seen":"2023-09-23T15:54:58Z","last_seen":"2026-05-16T13:14:11.637502Z","times_seen":172,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/388.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/388.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/1/2659.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/1/2659.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__inject.js?v=1772117448018","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__inject.js?v=1772117448018 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:53 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\ncache-control: no-cache, no-store\r\netag: W/\"119e5-uTAcT3+qzeJ3/+PTxl4IWpEjC6E\"\r\ncontent-encoding: br\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RlAFlsKQ3SG32wRtnuJ7ZMCmx2ohYQx1gTV6ZcnFxIJKFLa%2B8xEnHCv7puOREyHd%2FSeS1sYDx5m6BpDvgAbBE3okia0RFJ%2B5tTt3rsw5I%2Fpy\"}]}\r\ncf-ray: 9d40464a2f1ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72165,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1340220c02aa62dab157d1571e682c87","sha1":"c5a3e1e847953c9b1f0525466708564e74a4b0a4","sha256":"8cf463fc8ee61935dcb5fb7b66db46f80bd78c4a310fb9ef762b6f7cb1196823","sha512":"371afb6cb43d82b1529e1b3ed616a8a338dfe3976a5381a69146229c0bd902c99fa763ccba30bce97a7748f3eb71ac7efeda9f6bbadbba535bfe6e543f7a7a3d","ssdeep":"1536:oQMg8n9FTFcFuFDruVnkQCwGvPKwriA0xA:oWvl+","tlshash":"316396487ef262b2577ba2ae2787b240753240031006ee517fec47246fc6a6dc576bde","first_seen":"2026-02-26T14:54:53.85247Z","last_seen":"2026-02-26T17:03:57.890663Z","times_seen":2,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-yvd_ZnLz.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-yvd_ZnLz.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-B7VgD98L.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"26774-4VQ3rXaF5h+HKJ0UpMi2xQnnN+Y\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vzsbzS3Ip1BuNjS47Yde4qg55wrOBPYEMXlF3LFso8Jcvo7jcYwTtF03HDUNFe8EtJNvQPWr78vQcb%2FWwK%2B12wGld08h6UVI1xq9D60f4TBc\"}]}\r\ncf-ray: 9d4046560a85e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1fba2e1c245c140f4c56b555946eb95d","sha1":"e15437ad7685e61f87289d14a4c8b6c509e737e6","sha256":"e2fc3b5224d0d5e9cf9b6055ec32b340db14dac24312e4652c31eea4484784f8","sha512":"1c97606c460c23d83456ecc27d5ea0e862e10ca933a194daefa3f4c75c665b128639821faccceed7bcec42921a1ec987579acd0f0894019b9ec4dcba59eba281","ssdeep":"3072:m1waIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:MwhFHU4HNwFH7MoOWexZFHV","tlshash":"bff34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-02-24T14:23:51.093868Z","last_seen":"2026-02-26T17:03:57.73553Z","times_seen":4,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DepositCountTracking-De1I4Mce.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/DepositCountTracking-De1I4Mce.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"285-1SQwAyYPW8GxXr0iZep8jn2Uz9o\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wi4wKI%2BsrWCZxoRtH7y5tovXdpmAO%2Fz08Xou341%2FT8yUL5eK%2B1GJ3%2Bvb1JRLhyh3en4n5QYmUojeMNxpdA2cmbpS9QxtVYbkqqmP%2BDNl4TRr\"}]}\r\ncf-ray: 9d404657eb29e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"2045707223a5f38768732a2b5bbd3ba2","sha1":"d5243003260f5bc1b15ebd2265ea7c8e7d94cfda","sha256":"7c77670e6513887e7a5d0931da2f6cd0c40820dc4f6a04f9dbc342ffbb83901f","sha512":"4369d6ce9fb4b1abb3b82c1679590f2293e7953da296dc18c75043818c4245e43e04df6f825843431822700cc874e547399839227d5630bffebe1da8bb36e106","ssdeep":"","tlshash":"6ff0dd576878e2f58a892a8472c6a8a367f0a55cb956c8c381bd8d4a0208002e4dcd1b","first_seen":"2026-02-24T14:23:51.429292Z","last_seen":"2026-02-26T17:03:57.814227Z","times_seen":4,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useJackpot-DIZu1EfL.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useJackpot-DIZu1EfL.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"529-bFoXraFaLuEIo1H06Ma3rbmpYPg\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KpfzEbQrI2aQ7RJk9w44%2F57Xi1DiSo5AUw85jMWg25swHL%2B32XBs3p1UGMg3VggHDv309SJVB5WfLEmaruvmC84Cscs%2FxV1I3hRN5it19bms\"}]}\r\ncf-ray: 9d40465b4c5ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1321,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1320)","md5":"f51e23fa741958fcc0acdce4b55fa46c","sha1":"6c5a17ada15a2ee108a351f4e8c6b7adb9a960f8","sha256":"7f255dbd2ebc95805077d7472e6cd99de2b6a488a4b6de2e3a50d6fa20a29d52","sha512":"2208a19286c5e3159732a8e30c75655fbd4bbd9fbaca53ea603e91996901533b4fefb57d23a5e7a859edacce3dfb03b856226dbdf2ac6d159600f466a254d577","ssdeep":"","tlshash":"8621264e5049e2f8f48988f20022537b7b3c3f29b590e0b094ed5d6da269d96fa30a46","first_seen":"2026-02-24T14:23:50.971725Z","last_seen":"2026-02-26T17:03:57.940737Z","times_seen":4,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d0c8092.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"77424425bd755d02077922d40a96c207\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16687\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c7ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5261,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5261), with no line terminators","md5":"77424425bd755d02077922d40a96c207","sha1":"9702eba70ac4506031d55a8c9cf6732a66853b2b","sha256":"1128f463d0038310bb65c71ee2bd50f52e40dd9dfc0489e127f3912a1aa728ce","sha512":"2ac723d6ab08dc1cf45141cc44966d9b0f01c892511f40148d785de61ac084e014799555bb3b574f6f8b78e9410df8c112fd437eafe0aa747babdc52b451d1a7","ssdeep":"96:zNC9Hqt7pEma7hY/rcKaJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYcLRIvgx43nVY","tlshash":"13b1859ef247b456c156225150ef3b1df33a281ca61ccdc8a66565f218784cba077b39","first_seen":"2026-02-19T03:13:10.646706Z","last_seen":"2026-04-15T01:21:42.571941Z","times_seen":8490,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_fe9ce82a9594faeb677c9458656719b5.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_fe9ce82a9594faeb677c9458656719b5.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36170\r\nserver: cloudflare\r\nlast-modified: Fri, 20 Feb 2026 16:07:43 GMT\r\npriority: u=4,i=?0\r\netag: \"699886cf-8d4a\"\r\nexpires: Thu, 05 Mar 2026 14:53:56 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=kFkaKeY1Bkv5CGg.kCK1K49GvEtba9Ye0LGuQnVurgo-1772117636.8147178-1.0.1.1-d.yT9SQFN7lRTHFtd2F.ND8Z8nr8phmIraBMEuquwUvBOp96lXeTSekoG9whGVgKK.7EUWjLSddU8Ib4MbemYLMTcLzpQnNxCzpKi2Dm425thQNZ5jLmGV.i2nL1H_lq; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:56 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IOn917Qw8e6O78AHtH4GAcvGmDtA2DmOtjsPN7RVdNCahQb8Z1AQ9EtUDiHTdpHaNelPPDYuqZ5vCFiSdngOXFhPuENdGemY50dxRgGtYsdfPxcMwA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40465e1e7035a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":36170,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a83b05531898576aab1511504f06dab4","sha1":"372d24176c30f75b37d3cc07212f361906a58fb4","sha256":"f8397e3631fe3dbd5c2d5ead34b45887d38955afb4d7f6d3555000d34b29ab97","sha512":"19aa79e670b63c99cfccc79af5161a770c1d39c18199beaa6eae3ec8a05670d86820b24f34ca5b58ef8186c5b7943ef558c1cf2eb5f885e407fa6212b6a79ca6","ssdeep":"768:g22tJXYDhekvdp93zWQTEqHtx/xSxehsNzJAGo9uf:b23Kdn3zWQTEqHtOsazJAGowf","tlshash":"10f2f1f1d81baecc77a0c7558c350b1361a892295d2f45fc6efd0a5ac5d30682e362e7","first_seen":"2026-02-24T14:23:51.442647Z","last_seen":"2026-02-26T17:03:57.83982Z","times_seen":4,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/TvGames2.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/TvGames2.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 03 Jul 2025 10:31:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=pHALU06g.rpMc0uJRnfzMM4UbFJQoq0Se8YBww4sogU-1772117635.7961507-1.0.1.1-O5EeMR9gYwYCxMFxFj6WeVGdFMY9DlJ0bOAeFCFBnlxWdD5ispH07zA_sE9DAb_udDEWwCjwQLk6xBotADi2hSkSCRfg5RqQrEnj39GfBDiKum.7nE4H0S4sqR6fDNHc; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AEbCRiJdwLjwJ%2Ft2BU%2BuvFsqxEdiCfoAQa4xB8SzIB7wJRbxo6skfzc9SlLV3w0Ub9hmHljPguHTKnjXNFc9YdiCKsUmzzy%2Bxq5ADgoxZcHFYzJ5wQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68665beb-8dc\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657babb4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2268,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"60d24e57914ca41e702277a9ce44e813","sha1":"bfb08c8dce26d91b1fdaa008ffdea07bc100e0c7","sha256":"144a8bd1616f38a95bc6e7f59283e462f358a2dcf79e10cd7bd256d49e6e4134","sha512":"43503c3df559cc8b5fab3dcd299f5dbfc8d5a6f9dbd458781c53a409d859ed730ffc24420d462b914b4ef96f1d63d9bb508ef733bad33edadc5a2d12b22e4eb5","ssdeep":"","tlshash":"7f4165f9efb091f46dd94fa9ef324cec750e68fd9f220a84812c861c66a3d94d644410","first_seen":"2025-10-09T13:22:28.980997Z","last_seen":"2026-06-06T21:30:11.472171Z","times_seen":73,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wEYvGNYOONjW0HmAK8NOzCibv4FSyMt0Q4267OvzIb%2FUODwSCdGk1Qz18hh2AfYDG3qcjQEEa6IP%2F3zxCsnZhmvU7uhmA%2FCI1o96pe9R4nLL\"}]}\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=KrBDizNm1DlJDxBBf.YkRmcumj1BHoqMpO6CdfVrup8-1772117635-1.0.1.1-YY_AesrQc89H78RxgiL4GLFJMj4OgHzsOZMkzOfMTjjK_X41wLGV986mPA6.gfv1IjaM2SFmnBQSjXcMi9TljW0hXiiBTQrZALb1VkYsQps; path=/; expires=Thu, 26-Feb-26 15:23:55 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046578ae3e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":49,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0574eaff1e45adea018a5aa1e9177f41","sha1":"a1bb710af34c53bcfec01a4ab8773c2ae5877b28","sha256":"2eae6bca13b339eb6ecdf941c29ee842a5788b210f695a10907dccf0435bdc8c","sha512":"38b7154aca04a476a5f13f581f842c1f7c28a078381e6d1483e28c559b5742c48c423b193c7cad9d64ea2a4d2d7e8ab04637dfe4d27f71284d39fceeda34a263","ssdeep":"","tlshash":"569002011e059471b4022145412e9d4125b871125110402099dd57248b10121688382a","first_seen":"2023-06-07T21:20:12Z","last_seen":"2026-06-08T11:36:24.228224Z","times_seen":1912,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Odometer-BX62fBgg.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Odometer-BX62fBgg.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3ccf-ipesN87ir5lKz7/J8s8U41JsfE4\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3XF11OPsMb4emMgQlLxX1t2rFnU4XHozHjy0ySXwHtfog%2FrtOqqupzq77iTU6G9cRla9iSu1Dn24lGHXSs68JroNYySJozvrsw0Dynk9JPJK\"}]}\r\ncf-ray: 9d40465b3c5be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":15567,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15566)","md5":"55a1a4b91300616965d78a3641eacb56","sha1":"8a97ac37cee2af994acfbfc9f2cf14e3526c7c4e","sha256":"ffaf29e279a90410cade3f3daa9ef47a21684c027c281f7d196cac20604a450e","sha512":"b61b1b1f088df62ff5ee4e38e7ab6b1820a320e3fc2c0c37415ff1d9bdfeafba35817b9b62cf4b731f95ddb43487dc610fc89c1ae16de536a04714d3062fe67b","ssdeep":"192:2FZd7KNJtQae0S09YJFF2UXxx3HjmHHXpkauLPHMBNeSYpkYxSBrC7TlzUgrPND:2cVQae099YJT3DmHHMPrFtUhGxrPx","tlshash":"de620a8a796272344393b1e015bb0609773f9d6a3808405db67caeda7e32c19d12bff5","first_seen":"2026-02-24T14:23:51.358719Z","last_seen":"2026-02-26T17:03:57.766878Z","times_seen":4,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2444\r\ncf-ray: 9d40465fec638a18-ARN\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEskOIKWizVhJrvVnrMlrV9p-fmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=19+0 c=6+17 v=2023.9.8 l=2444\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4b44902a539b26f42ca501a8fc2eca9a","sha1":"c9156f826c8af47c13c4e95a4953987d2c34a74f","sha256":"e1473cf463a4e737486548692bef2ff33e1435ccb7b1d4d9e4428371b57a2666","sha512":"2dd9d9716c420f8d993a738149c8ed8a18bb8ee2034cadb05c3743cbab9ecb9eaabfa064be34e53fad571e80eeebdf7292cb9811a369dd67d51da327fd80fef2","ssdeep":"","tlshash":"db513db78f5778c0ec5c0e4b60017a48e401be0053f0e18caab51dd2069c629d371a8b","first_seen":"2024-06-21T17:22:35Z","last_seen":"2026-06-06T21:30:11.65097Z","times_seen":1640,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=1cWbjCUULuzFnrlCj0hHuAKa_3cfjWV.0EvX.uTGZSY-1772117637-1.0.1.1-BnhUVb23S3elwwUQg0hPhbUpLOaljUr00HdvBrPuF7tmxJFy3L4GsDcnkd1PUHlhl4gkIUWreG7C_2EKlmkhjcJK5Axb6fQ5lw2IaH4rBTw; path=/; expires=Thu, 26-Feb-26 15:23:57 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rqVvtR5l4ZHojLrzlQcTGLaKMGBnIXXIRaO2rPS%2B%2B8W6AHI3qc%2BWlacphedUIkwBNWl8Mhs3ScSwJ%2FTIGUsuYBGci4Au4%2BdqMKJCFV24%2Bb2J\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046608e18e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3050,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"01efa608c5a85de4b95ac270e6ce6a51","sha1":"e7be08d5603538dd307167f616a58eafd2cf395e","sha256":"b57a383dff0f0ec071dcff3a9f724683f352d1e852ed3beda60502fa56f52610","sha512":"73eef946ca760c8a9ee1e84b0f9c66be7196fdbe7d952f93cf19d76f55f3d14c43a9ad62a347e77c756236ad658cdc03e39a339ed2ba38aa0037704fb8bed0b9","ssdeep":"","tlshash":"eb519d23706d9daa5b507740b8c7395ac8ee2447dc0a5670ec498f8d82fa63ac6d33d7","first_seen":"2026-02-24T14:23:51.337716Z","last_seen":"2026-03-04T19:25:33.597242Z","times_seen":5,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/392.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/392.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1732\r\nserver: cloudflare\r\nlast-modified: Wed, 18 Apr 2018 11:08:52 GMT\r\netag: \"25168aa25d7d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Thu, 26 Mar 2026 17:36:11 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 163066\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=cbJycQvrkrZ0YcspFpYf4mlNU0t8s5sTscfshTmNbbs-1772117638.1601603-1.0.1.1-VfpKSoAfPuKBTre4X0tTBJ2plsJ5QYTr4PobjYuq6Ma0NXJFRaMVyKAgmvCGLuBcijFP8YFf1w4xn7JEO2FkjAMcSLpDf2nUanUTv7fs2OjZ1iNNiwRV.bxRDddKohwQ; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QqfgW3qteKhjMf5yh%2F6xG%2BmD763CnR8%2FmPM9mGf3IbUV0nY9b638%2FgFJqiPGmMFxTn0dk4fdbWSyWs99sQasNfSbMww60%2Bjx1PKtEK%2BuXurS1WjuOKrGWgRCx%2BY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f2d4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"8167aaffc690bf733d77fe67e7e82385","sha1":"69174f1a4a0e6df0dd5e024d47d19c9c0c3128f3","sha256":"09722c44419f5a5633a09de3481abce270e484af3130606ae5353a199d29687a","sha512":"0cf98012f1fa9d19e5b5c6144f249db4e516a9b7daef2a6932ce79926e5bdc0210df88d803ec16f4b260c1d99b842440465e15394c2236edb2cc3ceec13f2164","ssdeep":"","tlshash":"4e310b830d7c6c1d85ce387f75450c75e1143ca6d7006e767ac70aeda26d95932f9e10","first_seen":"2023-05-08T15:58:08Z","last_seen":"2026-05-22T22:07:06.724173Z","times_seen":258,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/loader.png?v=1767600520","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /loader.png?v=1767600520 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 456\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1c8-ia8wVKtM84nn6QXS7HVglYAWgM0\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yxMOJiVDCTiifVjwYAt9k4UTtlRo1CyBCfygp8nLgelkOewPQMv%2BoTEjO2%2BJKvp0V6FOc3%2Bko%2BDJTqngE%2Fx32elIHtuxvwcvHlDZdB7sOwyj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465038d5e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":456,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced","md5":"ce13d4aab7656181924146d7eefb42a7","sha1":"89af3054ab4cf389e7e905d2ec756095801680cd","sha256":"393b5575ab9863a7702eb2a6bd7405f3118d0da53ff1a3257d1d7353a056a59c","sha512":"4153a0d45eb10ca02aa1bca3f3dc78529b3d1a23d582ab9f5831ba71b9a5de126253d469d28276160f1ed27de41049491125726144c40e17a5fe2c26a77406b2","ssdeep":"","tlshash":"14f023d69fe31ffaccc05a9a7437c3710c22824a829936149107009c645ad2f8dc4e1d","first_seen":"2025-12-24T22:39:16.322656Z","last_seen":"2026-06-03T04:20:31.988411Z","times_seen":59,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/flags.png","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/flags.png HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index.BJU6hB4z.css\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 94974\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"172fe-w5wJfXBMdUKU4/vtI7gOUCBUOW4\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jOjimVPzaJ4Q7J%2BQ%2FCYQv5GKWwLm43krarZTuMiicKA8bKl9b1XA7HdMf%2BHogd10IA8JczLIuEczduex4jKShoEIfTHlUtzKA5ZIn2G9CfRw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d4046577adce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":94974,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 17960, 8-bit colormap, non-interlaced","md5":"02c3b5af3d0ec1f21c51bf21a22241e9","sha1":"c39c097d704c754294e3fbed23b80e502054396e","sha256":"1c0578c469db9a3da5c0b6fa0258f99b2a2ac602d0027ab6fcb7b218c3acbb75","sha512":"bb097e3532e83aa4db8e8dd7cd16d95d83ae77f4cc19207f04f3b929ca695ebcd7f5730e9ea888763108c95028f40f81490a03093ef8d57665c6f4393091dc63","ssdeep":"1536:wxq8h3gUrI89XxfLcduXa08ucH+te2RIr8T8hKdPzgkjM+PDRzSKR2JLDpzm5NLX:Sq8h3e85FquXPAeExk8odPFg+tzSKe3M","tlshash":"509302ab06de36c6e10b2e9408902d3c720f65fdcba545ad497cc743d8e5a68d48feb4","first_seen":"2025-12-12T09:55:43.277784Z","last_seen":"2026-06-08T11:36:24.208609Z","times_seen":817,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":98,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DepositCountTracking-De1I4Mce.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/DepositCountTracking-De1I4Mce.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"285-1SQwAyYPW8GxXr0iZep8jn2Uz9o\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OR%2FVHUe697lYqjleb%2BTHg5Ip%2FzuB6TGSJMzDU9ZaHrD1eANK01gDnNQdE6iaoQ6VZsDodH5jmPUJi8d%2Fw4Km5Z6CozeNFgp9KT9w36PHGrh4\"}]}\r\ncf-ray: 9d404657db14e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"2045707223a5f38768732a2b5bbd3ba2","sha1":"d5243003260f5bc1b15ebd2265ea7c8e7d94cfda","sha256":"7c77670e6513887e7a5d0931da2f6cd0c40820dc4f6a04f9dbc342ffbb83901f","sha512":"4369d6ce9fb4b1abb3b82c1679590f2293e7953da296dc18c75043818c4245e43e04df6f825843431822700cc874e547399839227d5630bffebe1da8bb36e106","ssdeep":"","tlshash":"6ff0dd576878e2f58a892a8472c6a8a367f0a55cb956c8c381bd8d4a0208002e4dcd1b","first_seen":"2026-02-24T14:23:51.429292Z","last_seen":"2026-02-26T17:03:57.814227Z","times_seen":4,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/InternalDataspotTracking-DB2Ht68F.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-DB2Ht68F.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"f66-7nzjmPMHKKxUpAXaSrEXvMWmk+k\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c4LetbiKBke43iwYTnfDqGEhRCxUD6DmU%2F2KIdQaA3GY5NmcekiNT9BOLaySAsxLEe2aVPHa9q4%2FVqdkD%2BRk0ATDZY10lI1jjqVIu6YqfkY7\"}]}\r\ncf-ray: 9d404657db13e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":3942,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3941)","md5":"28d8d80edd5ad66eefb0fc684755c355","sha1":"ee7ce398f30728ac54a405da4ab117bcc5a693e9","sha256":"2e8b31d05474087678a43335a1ae8e9257fe9a1a690b7d7fbe36e74c4d12c5f2","sha512":"c7a4ae165f4e0f5bf2b1331d3881ef08b3940022b8a5a9319657b7ede16edfdb12b37f16020ee2bb3ba6f2e1e7a7ee9064c197d5c51b121be530edba74832e5a","ssdeep":"","tlshash":"f681741fd83c08b070a0cad9583bc957857d3cc9a590d8f06037de6a660fe09d6f1a9b","first_seen":"2026-02-24T14:23:51.294039Z","last_seen":"2026-02-26T17:03:57.827934Z","times_seen":4,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/if-defined-CWaLTnLW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-yvd_ZnLz.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"cff9-3CQS8BSHCmzdXT/mRzShI3Ky5mw\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9eOYGyDQAxSKo8WX5Ghu9hTv0lZ%2F31kXZKtniEGis%2BASGT%2BnhU4pCK62FHYGDRctaRWBk76vFqEvH613a%2FhhDv3R3lSPb23%2BLEtDoyzM3LES\"}]}\r\ncf-ray: 9d40465b2c49e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-06-06T21:30:11.633829Z","times_seen":639,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/397.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/397.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1824\r\nserver: cloudflare\r\nlast-modified: Wed, 18 Apr 2018 11:20:48 GMT\r\netag: \"9e30ff4c7d7d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Mon, 23 Mar 2026 13:51:47 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 435730\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=.esLKJNUGzfWhCjeQB2HM9lkJTQfi2Ic_rWZiPcP6no-1772117638.160231-1.0.1.1-qfKi8NFaMtyZG9TJWPFMCkGP68oQUDqnfrIlTd8uCiuzNFvPM_d0V8TGqsK2KInqS.EpPSCu36C6WN4H9usDWlwLkTDvyCbRWm4dsP3wIjT7TJ1TanrVerna5BH4GuDx; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wmRsDNTuvsQ2v7tg1MhelpDCUc%2F14n8QVjtm%2B9LUq5h3tnL2Y6TnWtvANA5fN70e03EDRW3Kg84Ep5E%2FkzwTH1S9hGaYKVELycCqAQZ23%2BOiUVD9%2F4t%2BkHxpqMI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f284c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1824,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"777348d6c88c0f9752d20313165bf7e3","sha1":"ec83db9126d3827e51a4a09e714562525618eaaf","sha256":"b33304692a78a1ca4b0591f7bc94dff978ec0f74bdd34a8b5825353a3875160c","sha512":"5487355868eab4280f747f9ce6c66f206df35f886c5a49bdb93ec55fb7799d84412cbda93e97e7aef6ac66932b7fefc5d1bf59d433744b1e31f9bbd17f558549","ssdeep":"","tlshash":"96311903626c6fdc8a096493d32a628760684af5c075bd28bc0c05457e3006ede7968b","first_seen":"2023-05-28T18:20:13Z","last_seen":"2026-05-22T22:07:06.352544Z","times_seen":335,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/454.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/454.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1236\r\nserver: cloudflare\r\nlast-modified: Sat, 09 Apr 2016 09:02:11 GMT\r\netag: \"f1d68e803e92d11:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sun, 22 Mar 2026 10:13:22 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 535235\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=t3OUPZosLoAUEbh0v.puAK3aFFeN5u8TxgWZcizGRuM-1772117638.163718-1.0.1.1-t5jbiV1qATl4ClORXFNc_bFB4YGsWp.PCm1jYxPsPlmccwBHBU3qdeTmqiZ4xfztUEMGIKXu_WUI0AV4Ogc8a8Twodj.V0ewM0yF1CapO8HynqYc4PLGqJXYiVL7ZWb0; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cHjWrV3eT8YYxY26SiIVZbMzvvjKGsyEfXqvaPPDT0PdtCKCk78z0v4Ebq3BTI%2BpBkGJ3ox0pwu8CSzhw7WyUUd%2B5EMOe2cvSUItAxmLsi0sqBcyUV5r38VGBaA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046668f4c4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1236,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"afc3a4da5fb039d37bcfd50861d4954a","sha1":"ef9130577e78a52760a6d45ab20ce2c155c324ab","sha256":"bb958610492c84590233b0d30c27e5f1d5fc320d4ece0f29c61828eb349b9fff","sha512":"d1fbc915e520885b5baa728288e7508cc8abd0301d36d14ab4d8fe1a5db86c8e67473c97e668cc758bfe1334970b2d4ef6ea16cab64c8160421f1fa05be1cd8b","ssdeep":"","tlshash":"b021eaf33d809e7271c160b9576bebc011c5637f04616384b5e5f2b40d2ae8671d56f2","first_seen":"2023-09-18T21:18:01Z","last_seen":"2026-05-16T13:14:11.681316Z","times_seen":379,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/69345a05c4e6ba197aefa96c/1jbq7v9mq","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /69345a05c4e6ba197aefa96c/1jbq7v9mq HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/x-javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=7200, s-maxage=3600\r\netag: W/\"stable-v4-69967ba6a3b\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9d40464c9b8b0b9c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2123,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"1cb8503928873fb0c37ddda8d9be2156","sha1":"5319387ef374c51d8602797090fed03402de834c","sha256":"f13f816cd905b4f21e6e1cb8f007a1a620bc765cc87dd54f77da47934cf78fad","sha512":"4dccac9b09a71eacf324e11bde2da2f4317c5360141051d7720cfdaa788e5987990302172d8af111afa579951c8a640cbd74266f563b35b073b5ad3c7fb7bc3c","ssdeep":"","tlshash":"8941ddea5b4f1c56b22410d90dbef90ef47620f749da6892870c085272657ad2f8ee38","first_seen":"2026-02-24T14:23:51.198663Z","last_seen":"2026-02-26T17:03:57.919065Z","times_seen":4,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":36,"dns":6,"connect":8,"send":0,"wait":145,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets.json?v=1772117700000","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets.json?v=1772117700000 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LjuTi9B0BfpYIcxKoB%2F9jRJo39KaK1r4UK6XFG8CDB5ZsqBlstwxaxIROXJicnGQlkkxXTo5oXWKq3BgepbJ%2Fzmd%2B9QuLQEzZuK%2B%2Fcuup%2FRc\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"6c-/Qm+p2fEH07OzI/hfElHCuJaqCo\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40464fa88ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":108,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4ab76b84119b58e0274ebb7773c304e9","sha1":"fd09bea767c41f4ececc8fe17c49470ae25aa82a","sha256":"ed3f85642bcbcd5f01e24e07081e8c0cb4a2afb0e45475bfef46d8b5a1fedc83","sha512":"a19491809a33023feb5f4c6789e18bde6011500fb40806e367822393b3bae10fba4d339abefabd268b6297c5af3560f255448f36063aa4784f6631644d68b163","ssdeep":"","tlshash":"a3b002995a3985159746e888474d2906d000d1a3cbae1b5a50570568c3e07b6c694909","first_seen":"2026-02-24T14:23:51.200303Z","last_seen":"2026-03-23T14:49:47.185058Z","times_seen":17,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/logo.png?v=1767600520","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /logo.png?v=1767600520 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FacebookTracking-3dL4n6uM.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FacebookTracking-3dL4n6uM.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"2a8-IASiAHvSjivV5cscT/+MWf6wyak\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6l%2F%2FMj%2F95JxBBY9omITFKU8neGn6rfpL1lrE6kJ6WgZ7LUA02o8AUuC9NNquZQiQbpqa50au1QF5OS9SV2FIFR6vFVD2hQgxWPQx9hHaXWig\"}]}\r\ncf-ray: 9d404657db10e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"140e6f6f98e0fa8d3b0be5a3a4600dbc","sha1":"2004a2007bd28e2bd5e5cb1c4fff8c59feb0c9a9","sha256":"86621dcf5dc5a1b34c4539fb729e72c42ae3fe9bdf8eacfea3b3313b43b7e3cb","sha512":"75615ef7f6a0e1a3bf5d09e5d022ab408abda5aa2632928b514b1bea7824cb439a0025caf9ff607f42016b5a64e255803a8b012cb78879e66cfcd15099850c41","ssdeep":"","tlshash":"5a01fe0f2c45b479167c18b8d3bbd8142aba990a258b45a5c6c7c9b92a24546848db8d","first_seen":"2026-02-24T14:23:51.217193Z","last_seen":"2026-02-26T17:03:57.815026Z","times_seen":4,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/2/4125.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/2/4125.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1040\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Apr 2018 07:16:35 GMT\r\netag: \"267ad07aeccd31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 15:10:52 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 85385\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=N7ZmeS0GluO.M35cRiCaWemFb64RGUUYQtF8xPONQwo-1772117638.1655514-1.0.1.1-pB75ER5CS4ijyUe7VFTVay.0w40ff1FQnqRxfJP4jNh2lZNF0jz9lChk_FadSxHjKsiU68vJWYUrmnvRXE4m3YBs.WbuTEaA24095bCPFEXg4hxUBvT2K9QfuLnOn2Tq; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KwL6jkeOGIBPxmqatA7%2FDLCp%2Bo2OWQ3Meq9ozaQD8qPNcKwErknHseVT5g0SVh4r2BPgmuc8%2FQl5kI9tnymzLsnNd250UZQ8EEigwat6znCENMe92I19O7geang%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046668f5a4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1040,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"5ce448e131a4273dc1c738df70520e84","sha1":"845080285e3d8884da1214fa0ed5c1fe03a96ada","sha256":"e4bf426759260c1fc2b5ae3b63376674ed4e3710a14d2e6b8abe0ac8047c2a6a","sha512":"f47587511258fae5a3a96a24991f846b07671cc57d26f079e62f9bceae18281f28baf8d561254ac231fc40a60ccbde8ec85b724c666e98e0db1e471ddbe54e4b","ssdeep":"","tlshash":"6b11d848081a8828e98d70323d184430d7f947fb43b9ee07b363e33d47c7a424b819ba","first_seen":"2024-08-19T20:31:49.096436Z","last_seen":"2026-05-23T17:36:46.361859Z","times_seen":118,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/img.gif?f=sync\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a\u0026ttl=\u0026rurl=https%3A%2F%2Fm-galabet1123.com%2Ftr%2F","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:03.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Feb 2026 19:28:29 GMT","end":"Fri, 22 May 2026 20:28:25 GMT"},"fingerprint":{"sha1":"36:C6:D1:CA:01:47:A4:1B:73:8E:62:DB:CB:24:79:4D:06:01:3B:B5","sha256":"11:41:34:A5:A1:10:2F:10:C6:7F:8A:F2:77:75:66:AA:39:99:F9:E7:00:8D:1E:EE:4E:30:42:B7:A3:82:28:31"}}},"request":{"raw":"GET /img.gif?f=sync\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a\u0026ttl=\u0026rurl=https%3A%2F%2Fm-galabet1123.com%2Ftr%2F HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:54:03 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 9d4046868946c759-OSL\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0882e9e13347453af1b82103b992774d; expires=Fri, 26 Feb 2027 14:54:03 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-06-08T12:18:10.909392Z","times_seen":101096,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-vendor.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"3b341e35b39f6195793ecaf5db7c1d63\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40464fed3b0b9c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82913,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65472)","md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-06-08T12:51:50.312897Z","times_seen":58959,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/games.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/games.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=XAu3aDoUYM9p8VC.f46cDMYsEbyrVuxU0ePYu3W1I0A-1772117635.7964864-1.0.1.1-1TEcMcLkv1vMjFMr28BlEVMdfH5ZvF84.NmQpHPEtuCUfdGCw4sXqrRiZm6AHYxgDwzAWgq67PbHf17W3Vt.ZQfYVW40QgXljkqGeHw4fMiA2RY.3aHW1nU8xLk6MhUy; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zT0SkFcXo2ZcxemCmh3q5bBlZkH26tr9tJSyMrmAXWOj7XXqiQFQ89bWCtJD%2FIKIcbwukwVvyLnfpewYHJ1WRT9AH7cnhWB7QmRe3jQRH0P92uNQlQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"6862707f-525\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657babd4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1317,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1124c704ce353b78a51dd2190edbf761","sha1":"969751af8092f4dfa4450def11dc616eff99a8e4","sha256":"02b58d0aaacddd78f61fcc4a92e72d8526294443ec8e695fe41a763a24d873b7","sha512":"62371f1a27dc5a9f43dc9d738c81641e16ad577f02a50973cd1515f41053160ac5286128dc60ba13ce57271eb462d1f258f830125048ecaad0944f9f5153e39c","ssdeep":"","tlshash":"fe21e14c573150fcfd4fb3e9a32e6b787449f2156823c878c05e45cc268aa4b64dc861","first_seen":"2025-08-01T03:40:47.562391Z","last_seen":"2026-06-08T11:36:24.435879Z","times_seen":1059,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=VrwAtZ0r2asdWNun9Ive32j9Q7LqciMvODehOdvLal0-1772117636-1.0.1.1-iIcn69iDCJkgKRbZ3_DCEnPvdJo1r9ht_E.2QObYfGODwcc7aldcO2BV6K6LSIVefk5oI2Iakt7VLPdVtfAgT0qSyJgAdcJ9dXuPg8neUxI; path=/; expires=Thu, 26-Feb-26 15:23:56 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RceyDAcQWl9M8aSAIlQjuSsHh3s4awYdmv0PKsbxzhC6RsTpVNO%2B04NE7wCKybPj1TcL%2BNG4BVcFaYzuQI5EZVw3WjUU4z6bfpBDxlmWe7Xu\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40465b5c7ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2144,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"86ecb33a83dd540847fd6e6e6c06016e","sha1":"01e225aa2a31738ff436a07a6f43081772272ca2","sha256":"f2773b7b808404c6d968c35c4d68724a764f931d3a673f5443fdba364b9f2d3e","sha512":"4462bf4b7ecb35c5445f65161e26ff50400a51d5d298e726f943eaa6b72fb190d5fc686ccfecd8382fcdc68fe1a826d7ad17f8f10841320294dd0d0328dbbbdb","ssdeep":"","tlshash":"6f41be13b42d887a5b543b40b4d3354a88ad5847ac0e8a74dd898f8d92ee63dc6e33d7","first_seen":"2026-02-26T14:54:53.870664Z","last_seen":"2026-02-26T17:03:57.84758Z","times_seen":2,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useOpenLiveChat-DW9DTPvg.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useOpenLiveChat-DW9DTPvg.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/LiveChatInc-OVRSkU-M.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"247-rmFrwy1jZK2IkzLjPuIguAtMyFQ\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LNVaaWR7%2BQ4v2LPP5tvAV16NN6K32q8L2AQaQrJueBZIYlKF4YT5xNeRjedCpmxNoYCL2A%2FJovCa1KUiT1OX7zw8c8yGO3s048%2Ffnh0x2qT1\"}]}\r\ncf-ray: 9d40465b7c92e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"e9ab582a29b68015b7e4ddf4398ef218","sha1":"ae616bc32d6364ad889332e33ee220b80b4cc854","sha256":"0f2ee7cc918524f36e5698ff96bf1d9a671b9cef7dbebc73cd1434e9e8cbd7cd","sha512":"ea403228177e00db134af06a47eced70c0a176ba505a98d37d158056b49443531257168c5aaff6e57543baad9cad1e990f2a9c29188801d9bae9ac5eaff1b3de","ssdeep":"","tlshash":"57f041da86804fbc81c0cec1405be5f45b2c0ae4700dc480a43fac985824c00467ac53","first_seen":"2026-02-24T14:23:51.066851Z","last_seen":"2026-02-26T17:03:57.79217Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Odometer-BX62fBgg.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Odometer-BX62fBgg.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3ccf-ipesN87ir5lKz7/J8s8U41JsfE4\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hxl19YZgYFhg2N615TEu0Ez8KGqpTg%2FNjBuLFbSvunpcfrenhgPQJ8z43A0c5H51Yf7rNoRratZueeuieFR1wKft6I24%2FK9B%2B6nAmu35RN%2Bs\"}]}\r\ncf-ray: 9d40465d7d47e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":15567,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15566)","md5":"55a1a4b91300616965d78a3641eacb56","sha1":"8a97ac37cee2af994acfbfc9f2cf14e3526c7c4e","sha256":"ffaf29e279a90410cade3f3daa9ef47a21684c027c281f7d196cac20604a450e","sha512":"b61b1b1f088df62ff5ee4e38e7ab6b1820a320e3fc2c0c37415ff1d9bdfeafba35817b9b62cf4b731f95ddb43487dc610fc89c1ae16de536a04714d3062fe67b","ssdeep":"192:2FZd7KNJtQae0S09YJFF2UXxx3HjmHHXpkauLPHMBNeSYpkYxSBrC7TlzUgrPND:2cVQae099YJT3DmHHMPrFtUhGxrPx","tlshash":"de620a8a796272344393b1e015bb0609773f9d6a3808405db67caeda7e32c19d12bff5","first_seen":"2026-02-24T14:23:51.358719Z","last_seen":"2026-02-26T17:03:57.766878Z","times_seen":4,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/UnavailableMarketEvent-wtkKsClH.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-wtkKsClH.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"134-UhhjmnVS/fKpCCkN/S6cRA6/3rQ\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t8kibWdCHZf4GLxfr5I6OZuCr7cdOjHOLIeUP2FKhygTrx4nL11q0qnc%2BesW9GPhlX%2BOGiE%2FA8JtGq2Ta%2FbOWdu%2B2prm2RmZ%2FwUZRNIu6a0t\"}]}\r\ncf-ray: 9d40465b4c6fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"98b9533851974b6ee03f009832ec9b0e","sha1":"5218639a7552fdf2a908290dfd2e9c440ebfdeb4","sha256":"9abebbd29b2f027411a623d5b140792a129165b070e618f803c4257da6978b95","sha512":"0170e9059b93228cbb5e6b27ea363c91b851c327080a46e85a96739c2b51562f56ba0c25f7ede463ff65a12a3f5ebfc832261f11f0db5e0eeeacaeec2353dd56","ssdeep":"","tlshash":"2be0cd0aa104bbf6d5255cccce3a8f4da90307b5d7ea45d3d1f951281b34265390ee96","first_seen":"2026-02-24T14:23:51.155949Z","last_seen":"2026-02-26T17:03:57.841108Z","times_seen":4,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/check-auth","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"172.67.157.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://galabet.winwingames.io/","date":"2026-02-26T14:53:56.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 08 Feb 2026 19:47:04 GMT","end":"Sat, 09 May 2026 20:45:41 GMT"},"fingerprint":{"sha1":"5F:A1:45:1D:4B:B7:61:A8:B4:5F:25:27:8B:2E:35:9F:B2:AE:4E:72","sha256":"80:69:5A:6E:C6:E7:5E:F3:BF:B1:27:9B:EC:BD:81:46:6D:C9:B0:59:00:CC:90:C4:6D:BC:45:CE:D4:38:E5:01"}}},"request":{"raw":"GET /check-auth HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://galabet.winwingames.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccess-control-allow-origin: *\r\ncontent-type: application/json\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fy2Wg1VhSpShiJbW7zOCG5TSQE8BKzBnTU91f65i03HrIba%2BrpmfGSSrwjXehMCo2C0iOSOlpz4UE9DR3INhAToPZ44e63xVjVO8ho8VL6osHS8zMb4%3D\"}]}\r\ncf-ray: 9d40465c7cede0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d0ef894fa1c5fc383cce96e2d857de6","sha1":"fe19a48e71f224e79f27804ed7d5632c065e5de3","sha256":"0b3443a9377c829f10dc4dbc281475c7bf89f141d56af637ad5c59b74d00b2ca","sha512":"988a2be034f9f80c25a7cdcbd2659e4310baea3e590b0f9fe75ac9d0d7b1d90a8e8b07f33fde07627f3f61eae405d36f9afd6cbd20061b3088ab844a0821abf7","ssdeep":"","tlshash":"4c70000202000222ea80000803002a3388008838832020200008a02000230880002802","first_seen":"2025-09-21T05:18:37.922942Z","last_seen":"2026-06-03T04:20:31.934463Z","times_seen":90,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/327.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/327.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 1270\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Apr 2018 18:33:40 GMT\r\netag: \"76f16df0cd8d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Sat, 28 Mar 2026 01:14:30 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 49167\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=s8vDPYNqVtmEtvXXxgnOx1vFr4s3bJQP2AEQrNorcZQ-1772117637.9776733-1.0.1.1-wHUa954qjrTIwyB7qLWF1ILchc0Z8pB.q60n_f5pHH7JSvQ4KAwKOYoPedqFVQ37uyNo2w9sRMTbtKACmIsnBqJcuerlW2pbVtxz9Qiqpx9h7T92vHaoMTd.A3w1ijCt; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1PRW%2BKpD8wKQMjnt%2BzgQofrgKZZy8PQhirS1trCvgm6aXIETIGW5KT3EnqcnTEGCkSMAJM7L%2BmxfsDYZ1xum5MpyZ1f1fPXHa%2BXmDIs%2BN%2FDjAbGRL7YpmdwnalU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404665589e4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1270,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"df8828e50ab62af9995e91cfae20161e","sha1":"bb027a65862a8c0aed68d45553dc29f07e65243a","sha256":"4eee0f6174c938a486a78482970e8fffad98e794f7661f0cf856596b4441c440","sha512":"ee1726c164e8487378311286b7be25db0aafc1a57bff920199a7dea27dc58bb3390cf68b8272f577b0b6c7ae9cfdf0ddfb90df330d6c3ee62228a3b2c778bc25","ssdeep":"","tlshash":"a721e7a3ff241c4bd8e67297ab7d0a88cef612a6249be16055b0c23c0a1516004daee1","first_seen":"2025-10-05T21:52:36.047183Z","last_seen":"2026-05-30T18:23:45.155338Z","times_seen":21,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/459.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/459.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1536\r\nserver: cloudflare\r\nlast-modified: Sat, 01 Jul 2023 07:42:28 GMT\r\netag: \"87e5d695efabd91:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 14:11:25 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 88952\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=ulb_Ec9O2g54eWOwUA4vuWGM6qNDVA.qTTXockDcnzQ-1772117638.1580608-1.0.1.1-2nOmpSuO1s8JFuyXvASpOD40EX3eerOtyg0sBJBcPnlUObDrzErEcsDZJx97OJBvG0nrG9bAn_FlNXZNXFAnLQZQtBmdwoMMoAEq..VTWkUlFNHmJSfbqagS47wsNezR; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yL7d4iMqj5cSAghTAbuk2s558fg5ePO5%2By%2F%2Fpb71ZJO7a0zTacY%2BjYUDckE6a6pPwUhiT2SbUE3lyujJhzPFx4J2oCzP3YSuIENLGua%2Be%2Fbt%2FN%2BOePcx9F9P5Ds%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f0c4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1536,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"c170eee63d41ac7ab51493f7390ca364","sha1":"8fa7adeb23d679469788e787637d020190ca4e57","sha256":"f541b4b97b1604da29a2632ddbd3a3008b0794397bb0937f94078414d04965a7","sha512":"498854019e89b4120a56cadb29b9a77f138286bf18c3869db0c0fcd0afea62949a6334bd0cbc939f7fbe4878147b49e400b8e591307762e58435eedd80971ebf","ssdeep":"","tlshash":"5a31da157e6e387cd21a41b2183254875819c37b07e9159de715cf2ed9428ac40f8bd3","first_seen":"2023-10-14T20:01:15Z","last_seen":"2026-05-10T14:37:17.363826Z","times_seen":242,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"b057293b718ae7060a9acc593ff83f67\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40464fed410b9c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":324696,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"b057293b718ae7060a9acc593ff83f67","sha1":"991ec4ae783d59b4ae91113a0ecb5e6b21d19d45","sha256":"39d3bf235a12d663f4c2564a4d0311e4c902370219bdf1c4b81d2d1698dae888","sha512":"61865e60d018bd21ca9c737aeb975e8f52b0d0fa74128720cd03fb59f7766362efc8d84b06def39558f302b15d1bb39e44dde7cf0a840d62cdcaec6932df4f52","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJQMoZmVodXsJ5Ar6VKkOPmx/:FGABPVhO5wdKJCMo4VJ5Ar6kOx/","tlshash":"11644bc8f183b0b606e7a1a5009f5207737a151968ed8498f574dee968e8e5c633bf3c","first_seen":"2026-02-19T03:13:10.628072Z","last_seen":"2026-04-21T03:41:36.073067Z","times_seen":12668,"resource_available":true,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/VideoBingo.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/VideoBingo.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=.FS0dnbhlcrf_mY1sJejZrZ6kbJ4ThJJlF9u6d5tck8-1772117635.795679-1.0.1.1-cO3sDAYABULf7i5PlyfFZu8MDuj_p4WIi.xsG9jaYnmE0MNH5rbSTJ7Wl1OkP5avCLm.ui.3MTxnqwclFlV_6QaTONlLmf_WBPuHWZ41HQrEVritW_qdgHG36mi6Ub25; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9BtxQPt%2BzqciC%2FglpvF8NQrSb0ojbBrFLtZUy6QRh83PLXw0kG2BJA0fHQUTigUifGI5lgwmEbYdgPzYewa1TT3OQMuv9r2TeS0EhFN95TWTQO8e8w%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627129-7c7\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657bab74c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1991,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cbae8aa582bac1aa011b5159e475a38f","sha1":"0d140fc00b303fd23250218e03c28ccf986a39c7","sha256":"dcd44096973914fc9f8fdeb79a3dc5379403c3d1411854e634ab7fe444578271","sha512":"05e2c75c337a1fad9f895fa0b1635725d1681e774084ed34084444508df8dc8501c01644b19ab4f9a948c1e5b6621fd67df4fec41eaaeaf187d1a9e90c58244b","ssdeep":"","tlshash":"e24133d5e7b0a6ac2ccca59d6f2148d7350ae0bf6db36a5ce22edc580b53e1c0611c99","first_seen":"2025-09-19T18:19:26.310809Z","last_seen":"2026-06-08T11:36:24.299552Z","times_seen":76,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DataspotTracking-BGnsxVvd.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/DataspotTracking-BGnsxVvd.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1f60-o/BUZZv5OqLTw2M0TJ02rvoKaWU\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xZ5o6mzlSGViAOu9qnoE%2BK2oz0O2%2FIUmPk8RKkBKWvbtVndBIBNflN6LUt5a4NFwviqf2wREjc31P%2B94%2B%2FUfSAGmDxUiL7ktFq%2FRaiTQJ%2BP%2B\"}]}\r\ncf-ray: 9d404657cb01e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8032,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8031)","md5":"6eb0adb294d6e0b4be4655a714d18cf8","sha1":"a3f054659bf93aa2d3c363344c9d36aefa0a6965","sha256":"1903da0a3931978e3bf11cd481394054ee369eac77e1e9eb33dec25253c83ca9","sha512":"a704e987bddeddbfcf41a894099cab890cbc9b2499a6ba6e06f649e1f716331a64145953bc618d0da4f392ad06eb946e6679642593b509023ed2cdac75826b11","ssdeep":"192:a5xZqJXykg/uKb0n5OnB7tv1/3iYtWSsftQUs3:uZUXykg/b7ZFSXSsfDs3","tlshash":"2cf10355741e78bca033c6ac0d47616218387051e6329de476a6cf5aae3d8c28bf77cb","first_seen":"2026-02-24T14:23:50.919041Z","last_seen":"2026-02-26T17:03:57.92747Z","times_seen":4,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-bucket.m-galabet1123.com/configs/d212f7f1f16e55d50593214ba05a0f99.js","fqdn":"dataspot-bucket.m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /configs/d212f7f1f16e55d50593214ba05a0f99.js HTTP/1.1\r\nHost: dataspot-bucket.m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C10a34OOQkqrf7mXBWOfB%2BfMNZOcMxeoTWq8DUMmqmxb0uvnWane8Y1p0fPUxwm5U3E81mDtYRnxzEp3jBwXuWLv0cmFKkaXdVofFfsVbVuxlf1iV4XWZX8%2Fqo9ya%2BssTw%3D%3D\"}]}\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-cache: MISS\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046609e1ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"dataspot-bucket.m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/WagmiConf-DcRD12Of.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/WagmiConf-DcRD12Of.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635193; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"18a72-vMQwheISi0s/E7Pjyype023mj6k\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DBOcWvLNHcKe9HhBkHQOdxnOLaI4n1QCLocaDwwxZjIBR4ycOlGiSoRN%2F4YsQZZO8JFkcB4aIeH8eGNROTByRfPE24WEIKkoXtvA6fK3QLkq\"}]}\r\ncf-ray: 9d40465429ebe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":100978,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48214)","md5":"347fde358585510327d4cbde65cdf27c","sha1":"bcc43085e2128b4b3f13b3e3cb2a5ed36de68fa9","sha256":"4cb419c9f2956a83ad68b8f5ddc2add8a7e1aad05d56254bdf8e345ce1d9c066","sha512":"4106a31be84ecfe3f80e2350266a55d60aebf4ef67f4794bac22a7ff7465ecc92da7e01db1ef5014c1c2139d8eac287ab732b72e82b25457e7cafc9f2655f36a","ssdeep":"1536:/2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPVAV:OCaSlx5xG7NU+WEy1bPuv1K/XGd","tlshash":"15a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-02-24T14:23:51.189846Z","last_seen":"2026-02-26T17:03:57.755082Z","times_seen":4,"resource_available":true,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/events-Bn7gRKKo.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/events-Bn7gRKKo.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"17fd-tS/3I7ybaX1JRyB4J25+x9y/+PQ\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zGak%2Bcw3h%2BbqMCSOGGsN%2FoREuTvlX0Vm0tmqO4lF0QG05GWxGHeisxrkVbOKc23aN2EZgt%2FSp7y%2BMiR52At6%2FU%2FWKibZOoyC9zcCHLl0ppVM\"}]}\r\ncf-ray: 9d404655ea72e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"090be51e82542a30e21e332ca13babfc","sha1":"b52ff723bc9b697d49472078276e7ec7dcbff8f4","sha256":"75312eb0c62a763d09fc4297b47a9432ff15df3e82e2398247716855e7d21583","sha512":"b8b9804b08e0ca7f898643e26e9277b1273e6a53b8a6dfc29f97ca560c5d4f91e23527d7120989911d65fdb3cfa467ddb2ae4986cd90f6adeff0cb8e406d66a1","ssdeep":"96:Pd9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:P3IM2sWMtBq6n3PzH","tlshash":"27c143ccb38578b013e7d3abb07f520bf134a598740c5108b61aecf9696bd9a4126b78","first_seen":"2026-02-24T14:23:51.051447Z","last_seen":"2026-02-26T17:03:57.746676Z","times_seen":4,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FastTrackTracking-BNZErIta.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FastTrackTracking-BNZErIta.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"52a-ID+LSbOKIKNMAl7iu1W5dkk6c+8\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dv3Z46VIKi0u5iUeDi5g3mKltzB9nTyBXCpno01QhiGLvxViKUW3kgUePOHgFhjWn1OSEhQSbm1Qdsp2wKBbYauLzhNdmbzRodwhwiV91oTx\"}]}\r\ncf-ray: 9d404657db22e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1322,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1321)","md5":"1861326333be5ba0826cb14fc624519d","sha1":"203f8b49b38a20a34c025ee2bb55b976493a73ef","sha256":"51bf4e13eb7ae22577f81b7802fe6f66aba230e326f393a6593af81d306e496c","sha512":"8b7e06061c38400895b375cbece5a404410a986df6ad8dab6b4625d6bee1d6de78743cf69dc89fef75ca29971ab2b267bbefcfb468156737f1cd3b6e4fac0edb","ssdeep":"","tlshash":"1721530f80d443b478804d8da3dba261993e9975711ec4e1f07a0bad3f0ca66839ac97","first_seen":"2026-02-24T14:23:50.96774Z","last_seen":"2026-02-26T17:03:57.835165Z","times_seen":4,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/userJWE-BFPhdtVH.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/userJWE-BFPhdtVH.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FastTrackTracking-BNZErIta.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"c1-uLiTEQmQR8VZPQfe1CMxM6ZxiAE\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VZucJlZCUf0CX0O%2Bqy361rIXzy%2BVgP6aJ64PIrcU6VWe1NVamz8oOB7T735qXWnjl2%2FpWyIucveDobXB1pQ2%2FbTukyMsHl0Iqh91LQjxD7lZ\"}]}\r\ncf-ray: 9d40465bbcaee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"61aca6b0f0e9aa3213323f0d42cf93c3","sha1":"b8b89311099047c5593d07ded4233133a6718801","sha256":"e5a44888979239c112e0fe094fec9a2b04b32f3c381b0b0b9c96ee9a843f7ad3","sha512":"a2f5abf9458a3a50960a852fcd13144ca1e36fe5ae42445706b382ee9d39dd8b291c120f60e6a8b4c5e0fce83b3c25361dfaaf27cb5552ed9555fc94996f9bdc","ssdeep":"","tlshash":"d6c0c0db4cc411f7c5582c441005ed13c7307914a3d8d3519b0cc3fe7a5500bf90ca10","first_seen":"2026-02-24T14:23:50.941413Z","last_seen":"2026-02-26T17:03:57.968001Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:59.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 367429\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 22:50:52 GMT\r\nexpires: Wed, 24 Feb 2027 22:50:52 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 24 Feb 2026 17:02:26 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 144187\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":861792,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (586)","md5":"5d76c1cd54bfa6d632bdce4917dabe51","sha1":"8e6de70150687c9f54210ea7887f8d72a36a398c","sha256":"abcf7e70c37225416bc5c4dab4beb331be3e0a7fa478e267224af9b0d4c6855c","sha512":"558cc2e5c5baa8f91f3882ed43e1ad9241f88997d78cf53e5f70d3382eb3c661a5152fc05546baf9214c3db7e635ef3d38ddb5d1a8da00015dde503b32833e36","ssdeep":"12288:3XOybJb8FoAZFOlhDN4/6M4peznNwcLXtsnKrfPSekrMj1EL95LnAF+Om1L:sR46necLXz6kw5bM+n","tlshash":"12054adc75427661c322fcf6a067204ca37d95aac49c191db19ad8f02fb190da07afb7","first_seen":"2026-02-25T19:48:53.036897Z","last_seen":"2026-05-11T00:14:47.527289Z","times_seen":8685,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":66,"dns":2,"connect":8,"send":0,"wait":9,"receive":45,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","date":"2026-02-26T14:54:00.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 08:38:19 GMT\r\nexpires: Thu, 05 Mar 2026 08:38:19 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nage: 22541\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-06-08T12:34:47.753092Z","times_seen":648634,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/___vite-browser-external_commonjs-proxy-A4ecGj_W.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-A4ecGj_W.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/WagmiConf-DcRD12Of.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635394; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"b2-QM+wmhU62+2MgqFzZ/0RSwzshfU\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ua7BtFbwgcFggymelz8po0yIk4ZYQBikKzlXaQMhek%2FdyRyqo1jSLDEvlbunL10g16u7AbdMI6FzMVy2hDGPgVfZNZWDDAjncTu%2B7fe9oEPO\"}]}\r\ncf-ray: 9d4046555a41e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"b0079630f69a9e2cdbe4b40abd97bff7","sha1":"40cfb09a153adbed8c82a17367fd114b0cec85f5","sha256":"63d661545d56e99771af0791fb8d64df0442fa66bf15c3cd130a4b9554809a5b","sha512":"df1a0c04bb298ac8e6b2bbe3f4b791a1d97597cebd1dfe507bebb9c6024dc97086dc2dc32eb2eb4add9184364d7c1ab3ba24eb3a6024a0c522b3963e0735fe78","ssdeep":"","tlshash":"63c080451a54ecb052871d828a159402d94c8d6d73f4f9d1bb4d8d55060258b627cf57","first_seen":"2026-02-24T14:23:50.964464Z","last_seen":"2026-02-26T17:03:57.910946Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/406.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/406.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1214\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 11:05:29 GMT\r\netag: \"2c5057d1476dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=TCSflnLiOAv_aMXZjQxgIbKVRu5rPRGaV7le8bOHN.c-1772117638.1366086-1.0.1.1-lbCstx4M8uX_JacNUxPU5yaMAlD6xPtbxp52ME8grwlZa2oVfwlKUG0srEpqbqWa6wieMPnM99r5vo1DvWpMeTZxWmu3x_RMsiZ5STkkH3q1CZi3rhxg33Dki2Nj4DdY; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0njeLR8UQ1lZJUulD4Do%2BwF18Hth6F75vn1xCpWyOVQuE5aaI6rrzPusmEJtarV%2BxbL95tzeepT20XhWdRhoJBBRGAvgICakOdqswe8VDkOSqKz2q5qw2nrOeqM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046665e284c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"f27d1089064588a58716b46e852aefa8","sha1":"611252f39196be7d9ec55e4e06b61c91b0dbf989","sha256":"2796385e12ccc5245fa52e4e2a23c1a740f11ee2ca1fd93a5105f363bb5667ac","sha512":"54c869ca1eaf6b74d66c96874e16640e6402fca1a7c3ad1d0729f8fe1e08eecfe619f6aa0a905430f6b35e72c2dd7d80146a66d755f5f1cc000210120eedbdeb","ssdeep":"","tlshash":"2f210ab4cf7cfc37d8599e1f210b4a98dd0e201c9138900c4678d1a09c28595cc17885","first_seen":"2023-11-27T06:31:39Z","last_seen":"2026-05-22T06:52:51.86192Z","times_seen":204,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/455.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/455.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 980\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Sep 2019 06:22:05 GMT\r\netag: \"2c16b939206dd51:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 14:11:25 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 88952\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=hGwbqHJQfNgtvUyvzjdQrKZeY.LuDPJ06FH1Pksk9mM-1772117638.1554294-1.0.1.1-7hnJKU514RQtrArN_RwdzctJKxDXUF7jlbt6SNqcE1Hcmq8lLJZyPPuDkT3s99ED.zdXd6x.bLxP03jcvA3oll3J7WiQzhEGWGacsDEDxzqc9OBsPCb2qlFgirr1cunD; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DG%2FhFpKRPYz4VQP%2BlfG0cwsYeVymfSVXuo89%2FRg5Qf6G%2FQlOzIrkEo%2BJyN14QNOgR9N281RPiSPvrMpClf%2FfRLnTdJtz%2FhrVijKtdWrXNoORKRW16QMY%2FeBPl%2BY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667ef54c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":980,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"f9e140eafd898f6be86344374a5856c1","sha1":"0ac8944b7c107dd60b898aa8bdd4c87a9681f57f","sha256":"3705c63d8ff3dde095a8c81da9455dbcf2dafb03a827895a08bdeac7e4612c57","sha512":"11a210d89de10b66943ba7379a076de3857021e7a82e1183c261b990524b8d278915ed98477b4798aade64d8761a3660fb8c029176c6e2d0eb5caffc7830c0fa","ssdeep":"","tlshash":"c91194ab1b45ac64c08dec0716974ad2eac313a849cf52456a55f816565a1a0f48372d","first_seen":"2023-10-14T20:01:15Z","last_seen":"2026-05-16T01:11:24.774364Z","times_seen":220,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/LiveChatInc-OVRSkU-M.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/LiveChatInc-OVRSkU-M.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"b68-u9zW9EjILAcuyKhar5S8lTW2WtU\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w08eT2lIQc7LeFPC%2FovLJK%2BZwXwEd8RfyyaZPVKHaid6Bpu%2BfqAXcYnSTv20MiQmMpsImmtETzLwRq0eEZVe48Xcwp5PwZKgioO04bDjgziO\"}]}\r\ncf-ray: 9d404657db16e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2920,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2919)","md5":"386e892ab3803bf0ef0d5646d2308a0e","sha1":"bbdcd6f448c82c072ec8a85aaf94bc9535b65ad5","sha256":"e552579fd260888f85f2e29cd20c8c273cc94ffca451e80d79fce5f624465b54","sha512":"ffe631aa185f8a9db4a51fccbccee3cf40be2ffa228698cefb5d720f76cd3046f3858f6495c556212e84cc1454ec249017eb94c7a452a72f67f7e6bacbe635fe","ssdeep":"","tlshash":"975134dec43cb8b092aa67d1323f7b5f711a571ad4008d31656c4b0af61e4cbc467aca","first_seen":"2026-02-24T14:23:50.94711Z","last_seen":"2026-02-26T17:03:57.958513Z","times_seen":4,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Promotion2.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Promotion2.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:14:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=KXvGWDkewWYAWqXd4HCITjGPnI6cc767Zy.AE81TjGQ-1772117635.8098183-1.0.1.1-Kwf.UPXpSdlgfDvZJoePoGeqoWgmwt.IDVw1M74DMmhBc21LR2v1D17B9NGgIBetBogffBWE4Bbwab_1x23NC1AL8labz.6VjeNUBmsNWzEsp4IByFL8J2u.uFHxY1pg; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3GusoZbroC1%2FOCQ2KbCy03ZW2WCuo0xl89ki0n9Z6nl1%2Fuh10N8RfeaCcCY3LEZdUCL%2B0rutNFMi8wBFs2oGAWIFz79iEdlOMQUXwv6Tsp04r%2FIKLA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627184-382\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657cb174c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":898,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"31cbecb2c7e793078b4a8e43100c2e33","sha1":"e073b0e09fcd4244f6c86b8f22206a46c4af9f3c","sha256":"a7ec0feda0f0f44aecb09628876438cf31a3d33de7393d25fc1b39d6251bf104","sha512":"6762313ddd6985ca71ea5e90b3a05664d0d1a3cebfafa6da07ebff76f62a3c9634d17ac226a4fabdc606ddc5c7c7adbb4628f3e0c8a30d5e5f96e574266d2242","ssdeep":"","tlshash":"7a11cce88739e7b438cd1f4f9a3d4dcf3614261a683de034e73eb9c4a61391c652119a","first_seen":"2025-07-08T23:44:04.701479Z","last_seen":"2026-06-04T03:51:32.489182Z","times_seen":177,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":101,"dns":31,"connect":1,"send":0,"wait":92,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoPromotedGamesWidget.C4EXhwOE.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/CasinoPromotedGamesWidget.C4EXhwOE.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"afd-CkeK2gVfA+RXSJTY/WuG7TDVMk0\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kEDe0LN9LvZh0A1Uo9Xuti4EJ5bi6L0szundfNlBLoiFP8J%2FxUs8hjmPjwkxZxeu3LpG3W25pSerFDBsYZYwAw%2FM1IccLUhvOJ1ZmOtH8od0\"}]}\r\ncf-ray: 9d40465b3c58e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2813,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2812)","md5":"09fc6c8eb905c21c7a4d044090184cd9","sha1":"0a478ada055f03e4574894d8fd6b86ed30d5324d","sha256":"d1f596a53ce4b0c43d20611ff931c0858b5d6c4c987b2b546269e639543dc878","sha512":"6811084eefb8629224c5ae7d6806c7f2b220d131a02f0c1a0c44067d684da4c1676d4aaccf513bcca338af6608ba085696056a3b70ebd6274ca6992035c3772d","ssdeep":"","tlshash":"6451250f445b273af1134e60a2bd5ed66acb491bca3b4b7cacd86157c3096c2607397a","first_seen":"2025-12-25T01:12:57.08487Z","last_seen":"2026-05-26T00:51:05.438146Z","times_seen":291,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"m-galabet1123.com/__swarm/rgs-wss/jackpot","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__swarm/rgs-wss/jackpot HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m-galabet1123.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: lWtqQ42W+Y4NwhwUS9t/0g==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 26 Feb 2026 14:53:58 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: FOEt1z3lBQDyu3rXvN/jIaToIVA=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=BpICnlO46NUgbd%2FS6tXPLoXPHo3Vhib%2BgVJuJm0MI5gcQwZTQDEI5vAgDlWUD%2F987oG6TNDhBriuwd3WzlX4vR%2FPBS%2F2cTM1N5Qopu2DC%2BU5V2h%2BO1N5m4kjct0W7sGIbJYMUQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9d4046630b65e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=7763\u0026min_rtt=7745\u0026rtt_var=2210\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2436\u0026recv_bytes=1710\u0026delivery_rate=369576\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=165b4448f1ac9715\u0026ts=722\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":741,"timings":{"blocked":0,"dns":1,"connect":8,"send":0,"wait":710,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/401.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/401.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1425\r\nserver: cloudflare\r\nlast-modified: Wed, 18 Apr 2018 11:33:24 GMT\r\netag: \"5532ebf9d7d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=Pry0cbxS8j2Lyv5ssp2BSYFyTOfkO2sW5glpfEkstYo-1772117638.1434028-1.0.1.1-eP02rDszcfoxmBswOlAzD2B2gHekM9gOwTG0Hp3Hnoy.S0Nnhq9dbmj33nzqdqtCbqy9uIJ.PjCKyqj4DLjqIKajH8JqEl7TR2rh4DGC0ezWk6uKqtviERAQ3CadUuka; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BBVfEpGMvJj%2Bouo2g0XX8OJPk6gM4wcqAp%2FLQd%2F9jFOVDSbWAbwj7UPiG7vwBwEvSn0T3kvCqgx5OyrSN3DIL3w7I00pinuwhPJA3MwUt9mpAwQkJl%2Fjjwd2tEc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046666e854c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"8cc4e1601b8a75ae9d499e4a0e352b0f","sha1":"87031934720034de74987df9aea1bd94813efdf7","sha256":"c9533f86b377a63e9568d35b40836f86966d477596704315d90e2a07af2e5c7e","sha512":"6a28c9be4e0a3ef7e699b61356d58d39dabf3112c5eb210a38b892d784f4a5fafd77b19c194b394bdc3db5f25f65ecc778d667eeb4bace4576ad82ca1410b17e","ssdeep":"","tlshash":"72213ef1d456572fd79e90deb47f67e1f6cd751d000542da00496c45c4f6548044c512","first_seen":"2024-09-19T20:43:47.556193Z","last_seen":"2026-05-22T06:52:51.847735Z","times_seen":256,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=229.0.2.32.102.88.2.3.2.203.2.9.8\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=229.0.2.32.102.88.2.3.2.203.2.9.8\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncontent-length: 1815\r\ncache-control: public, max-age=600\r\nexpires: Thu, 26 Feb 2026 15:03:58 GMT\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6005,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (5983), with no line terminators","md5":"0ac92ab9fff56f2073f6e72a454203dd","sha1":"8575c778663d234bbc32f12789f467ab0db4565d","sha256":"dbe3fb785ce08fc1eeef82c79f22d3919fa6bf2f5afdcf559943f59a6da3c0b0","sha512":"67374c99e4e85cba72cb7a8578eaa34ad6b7b2626540ce491c69074fe293a4fa45917ff745ee87ad6c404b09e685dd7df79cae8deb2a1c15e878e136c8e82081","ssdeep":"96:80hUsXhUA4hUwhUNy1o3acJlt017gWrZSN+/9YXtJ/xN7QcGIIKTe3+/vCaq:FGsXGA4GwGWgSZTqQ1Ih6iKn","tlshash":"56c16526835fc8bbb377915a62cbb70e31185079b4f8593fe474ca70b2861c7d206d9a","first_seen":"2026-02-26T14:54:53.881999Z","last_seen":"2026-02-26T17:03:57.981923Z","times_seen":2,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events.eu1.segmentapis.com/v1/p","fqdn":"events.eu1.segmentapis.com","domain":"segmentapis.com","tld":"com"},"ip":{"addr":"52.49.32.105","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:03.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events.eu1.segmentapis.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6E:BE:8C:EC:AA:F0:8A:50:90:0A:E6:C9:91:BD:26:DE:D2:1F:39:C7","sha256":"F9:2D:36:7B:E1:0F:B9:06:71:4E:07:2E:BF:99:BD:75:4E:49:9F:E6:06:C2:E7:98:EB:1F:A5:83:10:CB:27:41"}}},"request":{"raw":"POST /v1/p HTTP/1.1\r\nHost: events.eu1.segmentapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nContent-Type: text/plain\r\nContent-Length: 790\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":790,"data":"{\"timestamp\":\"2026-02-26T14:54:02.918Z\",\"integrations\":{},\"type\":\"page\",\"properties\":{\"path\":\"/tr/\",\"referrer\":\"\",\"search\":\"\",\"title\":\"1 yeni mesaj\",\"url\":\"https://m-galabet1123.com/tr/\"},\"context\":{\"page\":{\"path\":\"/tr/\",\"referrer\":\"\",\"search\":\"\",\"title\":\"1 yeni mesaj\",\"url\":\"https://m-galabet1123.com/tr/\"},\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"locale\":\"en-US\",\"library\":{\"name\":\"analytics.js\",\"version\":\"next-1.81.0\"},\"timezone\":\"UTC\"},\"messageId\":\"ajs-next-1772117642918-49d3e41a-179c-42f1-8ccb-c160c2181e2c\",\"anonymousId\":\"d3e41a17-9c52-414c-8bc1-60c2181e2cad\",\"writeKey\":\"lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D\",\"userId\":null,\"sentAt\":\"2026-02-26T14:54:03.015Z\",\"_metadata\":{\"bundled\":[\"Segment.io\"],\"unbundled\":[],\"bundledIds\":[]}}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:54:03 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\naccess-control-allow-origin: https://m-galabet1123.com\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"90749a50019a27e1f32cebdbaa7a1bc1","sha1":"8329e3339f928f8591024bb0f938dab99c0ad4b8","sha256":"12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254","sha512":"b3959e671f729eda8aba59886df18c60ed5a768a3357dc09b29069b0da9c9fad7073d0072dc47f3ecfdc945351fe82ad3b653dd5d79d01096e5ae8bb42af2bcc","ssdeep":"","tlshash":"b8700022000000b200a0b0020028a802a8a08c0880820028c00a000a8a022802082008","first_seen":"2023-04-06T01:58:03Z","last_seen":"2026-06-08T10:54:21.43269Z","times_seen":6924,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":153,"dns":6,"connect":35,"send":0,"wait":36,"receive":0,"ssl":108},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2472\r\ncf-ray: 9d40465fec658a18-ARN\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfSFghIByqO-qpSeiAGASfCVErfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=17+5 c=0+4 v=2025.5.1 l=2472 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c9bbc32ce28fd80253987f2e1f0be287","sha1":"ac50a6c9aaaa9a3fd32f610e9858fecee25be6dc","sha256":"9b9632ed8ef4f6d25483053b956d22184ee488efd3f8c22e0ef2626b974475cd","sha512":"5863d7231d17d3edf58896ef5332bb631d9a5c27d06fb934be7653a6847b8918e92ccb66090e97c8b96f5bd51b3c9ae112d2c4eb9407cfe8f617da98ea3d3dd0","ssdeep":"","tlshash":"f8513b2e28bac5e8bedcb4ce2f90883a3283b7511ad4c45552d80854e35fb41a1db0d8","first_seen":"2025-03-01T08:57:15.902828Z","last_seen":"2026-06-08T09:35:28.594586Z","times_seen":2665,"resource_available":false,"data":null}},"time_used":456,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":456,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/userJWE-BFPhdtVH.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/userJWE-BFPhdtVH.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"c1-uLiTEQmQR8VZPQfe1CMxM6ZxiAE\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ApKPZpu2M1M2YTK%2F5yetd3l5gsU2BXBimBh7AKB8kbMwUWoXCUmvf%2BGf7ufBd9ZG6Rb7tARvFGYXPyY2%2BuOYTgifC1%2Fl9IEyNWXIez9%2B43%2Ft\"}]}\r\ncf-ray: 9d404657cb0fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"61aca6b0f0e9aa3213323f0d42cf93c3","sha1":"b8b89311099047c5593d07ded4233133a6718801","sha256":"e5a44888979239c112e0fe094fec9a2b04b32f3c381b0b0b9c96ee9a843f7ad3","sha512":"a2f5abf9458a3a50960a852fcd13144ca1e36fe5ae42445706b382ee9d39dd8b291c120f60e6a8b4c5e0fce83b3c25361dfaaf27cb5552ed9555fc94996f9bdc","ssdeep":"","tlshash":"d6c0c0db4cc411f7c5582c441005ed13c7307914a3d8d3519b0cc3fe7a5500bf90ca10","first_seen":"2026-02-24T14:23:50.941413Z","last_seen":"2026-02-26T17:03:57.968001Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Casino.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Casino.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 03 Jul 2025 10:12:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=E0hVuP1Jq_ZWvaM_1sy_H2KE.jIjsj6m9f9s8dtjxEE-1772117635.8142166-1.0.1.1-HpvZnXBlJ1JuxkG3Yu8iOw.DW.korjJAaR57a0oW3XznqVNnSk.CPg8cruUDHA7h996oVuqUPrqjBuA4jOqMAodXhZKrePd5ygthyTeE5hiF17uf5PTyc_wmo0_yZKt8; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wfkYJFQT3orRUOWXv2qQNIHPV0uFwL9ZHY9z07q8orj5r9EtR4B9pzGr82ONCszYMNfV9kP9nikJ6KKixt9D%2BEmyTDzbNRzbxH5vDL3gB1rQEfVZLg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68665777-50e\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657db3e4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1294,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3df444684921a4a44f2dbdf6aee0972a","sha1":"f0110696848649c2c94de0765f5b22b4617ffe66","sha256":"d4f76e693c5a014a2184795ea113ff8f42a1f7196243728ee128fe81ed5b30c0","sha512":"bc7fb348d4746e017aa074bae5f3b106d6a3db9c1581876ba7db93537b1a4643a8c2695b424ae4d584d03664bfdafe1b3477134f7bc6f5bc142f8a5aa54fd4cd","ssdeep":"","tlshash":"1921dc3d470289f86e455db5e43a0934c69d817ab1c2479cf23eca2277220d8c7ce468","first_seen":"2025-08-22T01:08:50.698252Z","last_seen":"2026-05-24T21:43:33.820208Z","times_seen":93,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":98,"dns":24,"connect":3,"send":0,"wait":88,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/LiveCasino1.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/LiveCasino1.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=_1frP4vAbyUVN7HF.lNQwdkti44zdVbgn_jLkByC1WA-1772117635.8161316-1.0.1.1-xjsWS4JSqNROE3WAsfgzoTlr_dSOGHhEo4XkZ8JtvwPf7ljZTjkJ6PcrKW5ql_a39_3iAjA2plgnca34bz0.FpDCMWHquVkKZ6mxYII4SMxicYyNMwNUB_ErnpsqN.6n; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jS%2Bvl6QhQSdEvymY9auCp0Ix9RJh2MUkfr7Zai5WS86316E9rVEg3kIPDnXf7z0X9W7tZIuWdU8xjWFVQwCHGM12tjpd4723%2F2VfUYRIZKcgmghLIQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270eb-5d7\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657db484c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1495,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ab76ddacc7177297110531bdc4b7b09c","sha1":"9e3a3721140685f8b095694cf6690ebaeac63278","sha256":"67de7a9984a8f57a460e025368985daf653eab425caaa5482cc1f3af17c43104","sha512":"16ce040d64e0b45e159c5a0bc2ee0ddbcffdf3405d0ae5dd70b5d1297f657f9067b8cb03a1e30811720c804e7997d3c57815e9b3db2ace852941fb2a7900ea13","ssdeep":"","tlshash":"ce316de876b0ed7c5c9d3a9ea7195d542c9ede6921007ba5db0c8c90c3cb4089759c8b","first_seen":"2025-08-01T03:40:47.847838Z","last_seen":"2026-06-08T11:36:24.402276Z","times_seen":1018,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":99,"dns":27,"connect":3,"send":0,"wait":86,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/NotificationsButton-pLBpik3l.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/NotificationsButton-pLBpik3l.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"22e-mRgS0ldhghlzTaY/dXLfEDwpCSI\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LWjcL8n8tyKt0reEGjjaCDUOtAsOiTuYmhZXDJt32BkiYmrrV2%2FPtDzF4u97PC1tx8gpmsTDAg2g9QGd0LtZlyOzwoNFhV6BGCXWCBfGoR%2BM\"}]}\r\ncf-ray: 9d404657db1ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"a9b056a32d1ed76e431c79743fff40d0","sha1":"991812d257618219734da63f7572df103c290922","sha256":"1d39a6add7ab9c187045bdbe1fe951cd7aa476aa5df81ad0e50ac2a876c40934","sha512":"058802b490279b15a1dc08c0bfccff599583ce22b9121453e2282443bb321ec4e51145d312ccdf1d58cc0d7ed07506b8f89c3abcdeb726bc57778cfcdeeba673","ssdeep":"","tlshash":"aef0264be994d5f417c25a11623bd0163c3ba96cef4a588000eb1c591734116c81f55f","first_seen":"2026-02-24T14:23:51.194058Z","last_seen":"2026-02-26T17:03:57.749218Z","times_seen":4,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoJackpot.g_xeWz8w.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/CasinoJackpot.g_xeWz8w.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3587-amjiCbZVXAr8Uu2DM5Vw/mgdGyM\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KmTFGdXxJdA%2FEBGoe2jx9eH31ejbOntNqDWkVEzoXJigk1rCpHT5uz9XE8XsHTBQZVuibik%2FFIxMpEesElAs%2FbBPuijiUXJvXLG4Xp2eZWg8\"}]}\r\ncf-ray: 9d40465b3c53e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13703,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13702)","md5":"75632d4973e29ce182d8caa61ff921e0","sha1":"6a68e209b6555c0afc52ed83339570fe681d1b23","sha256":"a00dbef5dff141c39219d43bed81880c18357edb10320a1bf7311941a3d958a5","sha512":"74577b4bd8699f5fe0e108d2f3428f17ca399c3c1e3fcf45e5f828060fa346155abb85dd6c40fe1a0e620ecaaaedd896bc6d9881e213c9963697f79552a3c97c","ssdeep":"192:5aKQrrxX/YyrspdNl3qLq/1R9z7g6mbftDxzNfDFDfhf3fOfNf5flt/1ttTptVFd:9UVwVELPh+EcaLDRdng","tlshash":"1652fe17656f33b829ef653726f0e3cc9a3c4879c7126664a8d1a2194b8f9b006717ec","first_seen":"2026-02-24T14:23:51.399866Z","last_seen":"2026-05-17T23:41:09.463668Z","times_seen":6,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/HorizontalSportsList-BjU3O27Q.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/HorizontalSportsList-BjU3O27Q.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1a6-YTA3AQ2rCHd3qJdFAsedkqFdPEk\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QzH5np5JRrYQy82kYngYwDhRjgm%2FB%2FaOpKADpzqPXTvV4vPNsNt4tUlFE7P5TMiMfEZinX6g2bdemR9fjAXj1MEEJ8r6kZ8%2FxhsEO0QiXbr6\"}]}\r\ncf-ray: 9d40465b4c68e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":422,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (421)","md5":"c73fa28cecd62ba3c31d6201e137d6a0","sha1":"613037010dab087777a8974502c79d92a15d3c49","sha256":"83b5ad3b3f3e009497b2dbde83af71ee19ab265c0027f0fb23504d2a209d2526","sha512":"5d6444f570ad2e892840f2e46a64d2d908a6989a8f5560eb63cb2058bef99bc9789030b9222e2f664de865261633e807a77b8df2f43637ec68bc118d8a3cbbbd","ssdeep":"","tlshash":"44e02bc6dc618af45a2b88efb95c24846112047cef47a671d29492281b7408bf62d04d","first_seen":"2026-02-24T14:23:51.203754Z","last_seen":"2026-02-26T17:03:57.739299Z","times_seen":4,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9d40465cdb6c8a18-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":431999,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"284f391254dc758a822ebcec415f36a0","sha1":"ebe9c3b7d4d9dc5dee7ccaeae2c6cdd11944ac9b","sha256":"f96b926f6d2055c4917d5254b6ac2499d577ea217ebed1e5d8b269538fd1c832","sha512":"6cab5ff4186bc18180400c47df0093dd72dd6f326b720fc6d6552149a6e02b779674e1e1ddb56fa275db4dd3233a72c05958a9a42c5f65bddfff3117d45f3c1e","ssdeep":"3072:bnRupaIB5ZbVITZZYA5dVAdZ7GlAMIDl3g3Wcmvu7IHkGOQyDFgk5:LsrBPVILl3WHu7WOQw5","tlshash":"a69444bb8f848f5b1b280bc9212d3d6c999e298bcbc55df6f1c0cf1844f4ab92315566","first_seen":"2026-02-26T14:54:53.889556Z","last_seen":"2026-02-26T17:03:57.727552Z","times_seen":2,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":36,"dns":9,"connect":8,"send":0,"wait":37,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_e17e2bd68c4902720215ccdc250ea7cf.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_e17e2bd68c4902720215ccdc250ea7cf.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30858\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:13 GMT\r\npriority: u=4,i=?0\r\netag: \"694014e5-788a\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=BGtw58fPb8bBVvFxrVuGzmzDM3Iy9Mb3TZljvbXyHtM-1772117637.6515-1.0.1.1-wdZglHcpIn7kqJnZDRrNbKUQMFukOi7iA6Z9KlbHSRTww.8GvbwVvrkc7KLbn.zo1OAYc632Bn8FMvsK1tHscVUGYTfhLU0dwhxjgNudDPIsyY4xbXnXr94xiH92xWch; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yATvvSeNNbr3WUTZk7a5u45lwSeLfrBx5I7p2%2FvC97437FrwHyhb7x%2BLVnqhcV8ofx8QoDoM3QhlewAS%2BuSCzL9hRh6LmbseFvG8N0p4ifEkbLc7hg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404663580435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30858,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f3a657bf250f0501b6684593c6d3449f","sha1":"3ae10ca24e1ed4fd7f3ee97a04029f84edb29c60","sha256":"4df91740f4d1d34398bcde4b0e71127587fe51241c3283f3e7a3bcffefdfc21e","sha512":"c70376beec80f90f2b6f42daa10038112bca9eb928f50f6dfbbb4b8e9054ecfde0afd7aba72fa826bd64ab0615dae03db9d608d7f63e06af394bcd5b669a2ec5","ssdeep":"768:X2NTeq/6/zzgNTdJxlOo7U+QcbTMcipzeGy3sB1I0:4Kq/6/0O0UOOzeKBS0","tlshash":"22d2e1a0782165c72e6e25483195487b904f5bec73687de5b9ac03b3ed0e2f24f69339","first_seen":"2025-12-24T22:39:16.142316Z","last_seen":"2026-06-03T04:20:31.9141Z","times_seen":62,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.164.239.145","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:02.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segment.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:3F:7C:B8:04:2E:CD:A4:E1:F1:8C:5D:DB:17:18:85:E6:C0:E9:98","sha256":"18:9C:5C:43:17:4C:C1:EA:72:5A:8E:DD:37:64:4C:DF:83:99:F4:51:8E:85:20:61:7F:A0:40:01:DC:6F:65:43"}}},"request":{"raw":"GET /analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js HTTP/1.1\r\nHost: cdn.segment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Wed, 21 Jan 2026 08:14:20 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: J8ajF9t6IlT2U7tuuuuEWLpJqziHNggp\r\ncontent-encoding: br\r\ndate: Thu, 26 Feb 2026 14:54:02 GMT\r\ncache-control: public, max-age=120\r\netag: W/\"26d5c6e9eb5b8acc5d7f0a4acb0bb17d\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ec47ad650ce8b90cf8852923bd4f4320.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: kwdSqwX5gOciVRe3vZrmbIB-n9GJrZbEZ2eovTq7AyatHzq7h8Hf5g==\r\nage: 119\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":108916,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"26d5c6e9eb5b8acc5d7f0a4acb0bb17d","sha1":"f28c859ece3ceabce922bbdf6272f9f7e826b783","sha256":"8ee1aaf2ad1cbca21e0581993206ba9ffd736c611beffb7287581a87cab67ff3","sha512":"388bd8e7a24945d1a3db30cd4cc03f006d5222f5b399b6578eaf9f87707fefae25b423aa0657dffd191f980827742165f1cfe7577a899ac63ed728bdd9886ee0","ssdeep":"768:IAObYQP9MBTSbyDRP0aubWc+ZdLyiQL96+hYs17eFCgt/oJBpntD/PN/xd0MpIJ4:TQP9MqMZ+vCBF/g0vmBuNfftrcuk","tlshash":"8fb371c8f6d6f064439764b4803f510bf23eb96e680e8464f266dad26c7899d9133f78","first_seen":"2026-02-24T14:23:50.976435Z","last_seen":"2026-05-22T17:22:58.310306Z","times_seen":50,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":44,"dns":20,"connect":8,"send":0,"wait":34,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/fonts/default/Roboto.woff2?v=63","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:53.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /fonts/default/Roboto.woff2?v=63 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index.BJU6hB4z.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 64248\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"faf8-1a8G5XndX0APgDtOJLwQIHQLC4o\"\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YKRQa6lnXlIUTTWf%2FhMNylT3oyp%2Be62wuNtllAcBBlk3LRKUfyNX73IsmgfiKvF%2BuRdHXYtV31Xu3zdmN6y4bVhYtXHHZpGuDeDsou1JNLl%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d40464c6fd2e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":64248,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 64248, version 2.0","md5":"b65b078c2f62cb030e8faa332896afec","sha1":"d5af06e579dd5f400f803b4e24bc1020740b0b8a","sha256":"594544184c059f885e1499c36a4147c3d3b41ce4f50252ac245a3a5faea6c72f","sha512":"34c06275b329ac62dddd6eb3981ef47d022d4e841c6a2659b9c648e77caf58277c91d1aa1b1bc432cbaccf9e3a7c89e67a3f41c940637942e692c90db9d910e1","ssdeep":"1536:T4FysiYyiqM4dWrgU2Tx5hpx1/VjrHS+92eTa:T4FyPY+rEATHH/xye2","tlshash":"df5301e2be45d926afc2dbeca3bd561c210eddbd2480d11717d5eaa002c1dbaf07c252","first_seen":"2023-04-17T11:05:44Z","last_seen":"2026-06-06T23:43:56.100029Z","times_seen":2788,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":111,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"geoapi.btcoservice27.com/?type=json","fqdn":"geoapi.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /?type=json HTTP/1.1\r\nHost: geoapi.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oRC6%2Bx8WVQFbkjpq6tIye%2FT%2BsstnkphYlobEp8zKdsza0kuRMR0YgCP9zoFAd73xSW2cpb69e7y11bBYodf2jJOdcqErKGnIEpbGiWbmlEFux1da4%2Fajpg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=7O6SKFjPLUmpjxSPOnnlJwBcFlbc33xbN8HwdoEV4Uk-1772117634.760332-1.0.1.1-NB2x8k6wo6xstfKorsaAATbRxGi6p.MHNkCRYC8uVJ9uUR4QYI8r5zykhLoeV4L8Rl8HvZgOKZub2cHDf5NohMumA0D.CCHtGs.HkqxtzyVZzJqaiF77X9l.NjmS4gkP; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:54 GMT\r\ncontent-encoding: br\r\ncf-ray: 9d4046513ed0a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"ae0c7b15f7b07d5287f4f56fc107254a","sha1":"dec4cfb67f23a362cf007e3414411a871f42f8b4","sha256":"e64d2e0a65cac499cbd1024efbfdd31a982c7a1d825de1b2bdcd6e4001e7854b","sha512":"74b1f188e6f60f077ee12e4556f5d70f415e2e0f89f8c513a50df271545efc9d30f25d65a4ff4acd1cf25c60d0a70fd5664bfd72608ac1b75237a02981991b8b","ssdeep":"","tlshash":"c0d02218184d8d8aae34c2882a4fa9331ab220ccc28f40c4828aae31c3d86ec3288840","first_seen":"2023-05-08T13:32:10Z","last_seen":"2026-06-06T07:02:31.879116Z","times_seen":186,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":54,"dns":35,"connect":1,"send":0,"wait":85,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Firebase-DDwvASrY.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Firebase-DDwvASrY.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1487f-/z5cCqa8JLUxtPY4ZG1J440v5IY\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=srud7Vgxsh3Isa7bTkDXj9iMthAf9uqA5MdX%2FTx1v9n4Pd7ugJzR%2B3iBrXP82VHf0p5Yu2NYxcRN60j210ieorH1nDW5%2FjaF%2FlXW0cYClC6s\"}]}\r\ncf-ray: 9d404657baf1e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"7481cf9dd3ef4629e43999506ee69229","sha1":"ff3e5c0aa6bc24b531b4f638646d49e38d2fe486","sha256":"5dddd0ca4c525657b36e3b4310620f8e3a581c1465be6f5c21c7d32ff6f6200c","sha512":"4f04b6e31a72b4a72c9fba82a07bcb57365c400ced0fc7a49f453812edcf2a3d36da72936d9f2d5f38c08e2ef99d82c5313d827e582591f7f8ecd7f18d29cf59","ssdeep":"1536:V4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Vs1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"3883957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-02-24T14:23:51.31641Z","last_seen":"2026-02-26T17:03:57.82728Z","times_seen":4,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/PromotedProductsWidget-DSoPzSu9.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-DSoPzSu9.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"7a0-RzNYavmAQgZgwaYozgIKNiEGsW4\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=01XLlb5nX77cUlecdvyKQ7RICeQkeJaNNkSBcrcV0HycnrBdyksL%2FA8bfhjBcF1kiH6%2BVEiF9KyebZ25qgZ%2BE9ppxIlFDEsZi7yvte6%2B64P2\"}]}\r\ncf-ray: 9d40465b4c73e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1952,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1951)","md5":"d25f49c76bf72dfb92284c6c8f2dc43a","sha1":"4733586af980420660c1a628ce020a362106b16e","sha256":"2ac7c3f2e2427cdc73697125a1738aa01a5fe580bbef638ef5212dd8a5294adc","sha512":"d86d81adbadb6bf8b8413a53dd5a04b75efebeca14413a687d0bcff91e54809a670e26d12566633c3048257c0e7577073444220d4b0890e9ffbdf6464d43f84f","ssdeep":"","tlshash":"d2415443d535a2b9f23a5dec264210c43c167d34d5b148a5a0b7bd1e9039826fb92ffc","first_seen":"2026-02-24T14:23:50.993184Z","last_seen":"2026-02-26T17:03:57.830859Z","times_seen":4,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0aef27.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d0aef27.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"89134e892271c99e4be394e757691c0c\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16653\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c76e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11888), with no line terminators","md5":"89134e892271c99e4be394e757691c0c","sha1":"7e8e00a94406382ad3006aaffb6ba522a7172077","sha256":"d09d7f32db5774ee049fdd2fce086b87d897c6893753091886a8706e9747c9cc","sha512":"df656841a2fd8daa388e0345bb36bda46f568cb5b7f05cf9b10673227ba36da20c35d3fac4f96edc411475e93805cddbd8f85c545cc1d7c41aebbfcb9712f089","ssdeep":"192:0H9MawRIU9HkKRU0Ve20lqXvtsTBkpfCNmeAhbKqxK4ILZvUZaUZSsgM:Kwb9HkS316xAFKpLZEh","tlshash":"6632a3c6e8c7b9564227160451efe128f73f2a94771adc18f0a895f34a948c3507bfba","first_seen":"2026-02-19T03:13:10.639989Z","last_seen":"2026-04-15T01:21:42.639775Z","times_seen":6484,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-E_Qw-LwW.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-E_Qw-LwW.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/DataspotTracking-BGnsxVvd.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"173c-gZvawifXu22PBlRooPZe1ml9MTI\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C4HaRc68YesfkV%2FF0WoX7pBit%2FDKcdklkH1uelTla04%2FMch%2FbFZ7Y8JGPjz25AUaHrMteait9I%2FBHpoQI7o4oQPMJIDDE2NSQP9vbwnO5uiq\"}]}\r\ncf-ray: 9d40465bccb9e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"9a5934fdbf3896c23908942c6ec28e8c","sha1":"819bdac227d7bb6d8f065468a0f65ed6697d3132","sha256":"83fa3f48a7e001a7d28471b096a8806e83653854e7aeeb15c4dd979cf31ef3a4","sha512":"5cc79da26050a6c76f22fedbe2e38373849eb51337ed406c5d035935c348268dbd172717a209a97b8388223f9c8dce07018b7ccdfa043716b518ebe1fc61663e","ssdeep":"96:q1SCtCFV0h7FhpokS73sjlsv2InwLRiTvHUgAaQKFJ0FdWpA6u6PEDdxrOq+IHWE:J0ljijHvN0FdIuSEDdxP+Vj8Eu","tlshash":"ebc1a65631907534c6d204a6914f82aeef3e7638f00f50a0b23f9c6d3ba1115daa3ebd","first_seen":"2026-02-24T14:23:51.109809Z","last_seen":"2026-02-26T17:03:57.724952Z","times_seen":4,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/fonts/default/Roboto.woff2?v=63","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /fonts/default/Roboto.woff2?v=63 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index.BJU6hB4z.css\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 64248\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"faf8-1a8G5XndX0APgDtOJLwQIHQLC4o\"\r\nage: 3\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SiralcqBb5lcKIckJwceJBuH%2B9yYXogDqmYkfEjzPlaCe59UIadE3UaqPLoXs57TAdT94VFUv0qA8cAaqF2a9zeGIJmtKW77ws00jXTZiH0I\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d4046602e00e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":64248,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 64248, version 2.0","md5":"b65b078c2f62cb030e8faa332896afec","sha1":"d5af06e579dd5f400f803b4e24bc1020740b0b8a","sha256":"594544184c059f885e1499c36a4147c3d3b41ce4f50252ac245a3a5faea6c72f","sha512":"34c06275b329ac62dddd6eb3981ef47d022d4e841c6a2659b9c648e77caf58277c91d1aa1b1bc432cbaccf9e3a7c89e67a3f41c940637942e692c90db9d910e1","ssdeep":"1536:T4FysiYyiqM4dWrgU2Tx5hpx1/VjrHS+92eTa:T4FyPY+rEATHH/xye2","tlshash":"df5301e2be45d926afc2dbeca3bd561c210eddbd2480d11717d5eaa002c1dbaf07c252","first_seen":"2023-04-17T11:05:44Z","last_seen":"2026-06-06T23:43:56.100029Z","times_seen":2788,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_1e0032d5ab6bc47ae0ff53da48c1e21a.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_1e0032d5ab6bc47ae0ff53da48c1e21a.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18886\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:45:34 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbeeee-49c6\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=Me1XXmu_HnP_y1hOuhKSuTrfERtHvxSjcb1C8m7n2Cw-1772117637.6799653-1.0.1.1-0tLQF0FHUbgLpFlfNxNbsKbvtIhHKzOF2P1YnSGWsGghqEKcm8yOfGi0V0Qg4dLhC4b6X6hFGP0rmvmvH09HtWHfK.HkKQ1SQIQf1491wb_0.SD.hsv2iADDwKE8s9lU; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7REeVSmUXHXg0Dnzyv0m6f5tQyI3OAbZNKWD7j9%2FTvmIl370tn0J1TX%2Bf3Uk%2FioJaMsH7pTm0q9ROvFH2fSaH0xKRDnCVmCcWZOUR4WTfwn6oJ8Klw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404663791435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18886,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aa5bb675b18fb9ff6ebcefc6c52b2b80","sha1":"aef0af185eab795ed1e66b6fd386bb2bbdf99a51","sha256":"9e57aa30fe310aacb3a5660d08ad36e93609014c63ab91e2674217cc81ebc5b5","sha512":"bda4926c3f51a68f3466aad782bb0e212b59ebc698591699ce3927038ba8a8dfbd52ae66535da875700c6ef2cbbdabb67fdab3a92629c17cf2bdd2d909459623","ssdeep":"384:uTMJDMzfI4dhbysbrfdO/1rYKo5nvpEg8SA21BvLQzOSMGz:XJozfI4/ysbr1O/1AvlD1LQKMz","tlshash":"4082e1099a7934e9329308fe1b21614d31f03ab66c405758db7ccbe410c1d956b6faf5","first_seen":"2025-12-24T22:39:16.22703Z","last_seen":"2026-06-06T23:43:56.14056Z","times_seen":55,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/JackpotPoolsWidgetContainer-CG5gkeJb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-CG5gkeJb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"fdd-6imTdJiR9KzW7IF8K35UOGO9Omo\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CavMOhZzTVScu9%2Fq2Xyoa6IPofJQDJi3FIhKfAWWb0qA4tAemD%2FbKpHYAbWkctyrOh%2FM36drv7RP2RqqpSk9IfFXMYzimnpmdHQoMdcxO6zU\"}]}\r\ncf-ray: 9d40465b3c59e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4060)","md5":"c9c74fdfb9e5a74ebd6a40874d59f09e","sha1":"ea2993749891f4acd6ec817c2b7e543863bd3a6a","sha256":"bdfca645f493e6d1b5fc8fc135b986e6412413d80d764007c65aeb258abcbcdb","sha512":"75ec153ca1d34ab5fc39ed822e85ae9ad198813cf6947803d010b12a4802ace30fe5078ca669a875115285e13c4561d7d5da396c6531089ff099373746d929e3","ssdeep":"","tlshash":"c8818617e01ab3fcd8dc04a3502f910a2b7e0abdd75605e4d06e08240abc85af25db8a","first_seen":"2026-02-24T14:23:51.150408Z","last_seen":"2026-02-26T17:03:57.723683Z","times_seen":4,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/JackpotPoolDetailsItem-DOBnH8RK.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/JackpotPoolDetailsItem-DOBnH8RK.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3803-0t3mrE+I6Wl1MbazqG0GOCgKFrU\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9847SWLFu1HR3FQe6avvsKNHI12ZuHaoRmRZEIlDXm4GyJBFwokFlGhU4T0BFn2xbzMWaxAHN7C%2BHPRm55zkEkbYrcEO%2FZpKSS5AMdtkjLo%2B\"}]}\r\ncf-ray: 9d40465b4c5de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":14339,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14338)","md5":"3889e481ab1adf9f96a132846c0801d3","sha1":"d2dde6ac4f88e9697531b6b3a86d0638280a16b5","sha256":"64d0d773fcd389193d64f215cd0bc6f25d7bccef8282d0fcd309aa7298595108","sha512":"b4e0162884cabb644a2fdd77844e44fecf63b090206b2739478fe152ec719ea2cbe19be56520249c097335a5951319d25dfcb62c62c23c3f400b083fd9578f0c","ssdeep":"384:xm6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKxV6baPFFWB:xmB7CEGOpyts/UofB","tlshash":"5a524c05f012f7edbca954f7487ee0687a5e1aa9c71808acd1bd6c313d2c455760bbac","first_seen":"2026-02-24T14:23:51.244561Z","last_seen":"2026-02-26T17:03:57.821746Z","times_seen":4,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/fonts/default/RobotoBold.woff2?v=63","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /fonts/default/RobotoBold.woff2?v=63 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index.BJU6hB4z.css\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 62032\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"f250-sdZeMF6FDN01JzT3hCzd/TDwjQs\"\r\nage: 1\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e1LnDaet7FiDbbi1fD439CL09Okl3lNFUC%2FtOUsm%2FDG%2BUXrsuORzFp4emh2IdSF11dR4YJ9f6Q99TKX51%2FIr95Et8dQb3c%2Fp3ecXiwU8NR6o\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d4046603e06e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":62032,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 62032, version 1.0","md5":"5c3f2196f147bbbc3583de1008be7538","sha1":"b1d65e305e850cdd352734f7842cddfd30f08d0b","sha256":"c6213e789895a427306e62a03b1a96ac884f58957b4f14e27f8e4361e32bf382","sha512":"a0a556d7d670c7197f1daf9cc7d84b3872cbaa92f916bd092c3831d3936362ddde3e837e4330895a5d53f0783b761ded7d00d126a0a04feaea84d01d12e62f1d","ssdeep":"1536:+07i808sgDXsqfywKCgqTwnXO09CU+O2G48I5lkEGN2iBYF5cftfplD+2U:+epsGXZfeCgZXd9hAGtI56ZiF523+2U","tlshash":"2f53023e9427274226b1dcca96ece2ee16c278fb700119ddb41075ee9f32f814c83a56","first_seen":"2023-05-07T18:24:32Z","last_seen":"2026-06-06T23:43:56.086284Z","times_seen":2662,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-api/api/public/v1/tur/partners/751/notifications/whats_new?platform=0\u0026country=NO","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/notifications/whats_new?platform=0\u0026country=NO HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\nset-cookie: __cf_bm=6JZIyH4LOBXioHdUolbZcZnTy2pJjoECZHmNCqhonzA-1772117637-1.0.1.1-mnl5rZ1vPgIWtjxtI4vIkqgE2mcIWdAEwTbE_j6EjyYv5QXgWazRfGXAaUyWBjF3QP95Yz_gnhLSy_WBzCo6rwOuE2gTT6D9YmE9HyIXkoc; path=/; expires=Thu, 26-Feb-26 15:23:57 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99XEer5tg4l2h9EMUv37w1D%2FwI0B5TcYYMXSnRvNDQ3pDz%2Bcm3jkRIW%2Bql%2B%2Fc1qBCr0OnJBiyTJCwXNTryTT2OgHV4YrN29%2F73XZeoSWUDDk\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d404663dedbe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1780,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d3c54fbb58bdbc049cdb0511ebe72bfe","sha1":"952c530fa5e60d5e6f4092dca93e957ff475f0e4","sha256":"e937a0e69c3616d29c6b6d653f7b58c1dedced93f6c31b8c4c7edc0aa70af0e9","sha512":"dc0267bfc82cc2bb6c9c397203c45bf5c4515432a8fcd8f0c50bedaf985707d1c2ad0fa8bfc057e3e25bd40b82e41fc3d6b57ffa4ebfa26699345edfcb66571d","ssdeep":"","tlshash":"b8315335657d4f4c8f81178a9487f12ea40f035aec54fa34d658cb6690686b8d5331e9","first_seen":"2025-12-24T22:39:16.028828Z","last_seen":"2026-05-04T14:33:03.573483Z","times_seen":59,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/936.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/936.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1574\r\nserver: cloudflare\r\nlast-modified: Thu, 03 May 2018 07:16:27 GMT\r\netag: \"4aa97a6aee2d31:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Tue, 24 Mar 2026 15:41:09 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 342768\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=tUCtBjOCgl8roroG0GNSvOtvWw5MY1Z2PfNUpM00wEc-1772117638.1613545-1.0.1.1-FBZ5Dyc0j.N5jo6CVdnBPbzhEJkVpz9i17UpOMdKvhYIH5o1OLmZMfCH9EpADXBWp5WjjXFYlbkFGpcmN1.fCxi5.C05DQowRsXYQigRaVI9lSVXBwGoODHs4OFsgam6; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uW51HGfJRBl8LkJ0jNMfbcXaSvvgJhh6ShEwjVeKcu6MS480F3E%2FGm%2BFbWWiAZzUdZdMDmfgoBmQKIVfJ4NH1ARWsHsu5LlYRjJXM72kZV5o0unjTdJv7PoLXvQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046668f3b4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1574,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"25794bfd577bb25b9e2ac630193a72b9","sha1":"01c929b4e5bbec3e8d6b91477429fb061154e54f","sha256":"30c11a2571db28011aeb0baf2af3e4136937906fc083ca4a6e35351de7bf3582","sha512":"6ae396f181e145e9af049c0c2189027f0577da3258afc3ea7a253bc4712f130bf9c5cbc882af3af969c781aa6f4a492478f55ed73082cd99e47af8948042208d","ssdeep":"","tlshash":"86310aa3102e502e3c57522611e684965e503afe14b1b8447a694098b783edfc2a0ddf","first_seen":"2024-01-24T01:47:45Z","last_seen":"2026-05-22T06:52:52.055741Z","times_seen":217,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-3.woff?55755728=","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/assets/fonts/tawk-font-icon-3.woff?55755728= HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://embed.tawk.to/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: font/woff\r\ncontent-length: 93868\r\nlast-modified: Wed, 23 Apr 2025 10:39:13 GMT\r\netag: \"07d578c95ece55d04d46b095fa8ab50a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d4046697cb34435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93868,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 93868, version 1.0","md5":"07d578c95ece55d04d46b095fa8ab50a","sha1":"2d7b26de9cdc4b40d467186de2073e3dd7804ae6","sha256":"4326543bece14c56ef8ba2534fdb356452cb0650bcded3521cb8b09a9b03bd12","sha512":"89124c4f86613c63f43940a6f1914c1eee5ed90129e6aaa2c16ce446fa10581d389f7c77a579da2270125bce585efa07bf4b3e0880d283795dba42ddd9c7b0cc","ssdeep":"1536:daI2Ltj6D4Han3AHZy92Nzi2tcw52LHqH:2N6E6nOM2Nzi2t55gK","tlshash":"b393e7171706ef8fd42589bb684280734de2e901672ee243398b4d15961eaf44ef87bf","first_seen":"2025-04-29T12:23:34.02726Z","last_seen":"2026-06-08T12:51:50.33372Z","times_seen":31949,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":141,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/conf.json?v=1772117700000","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /conf.json?v=1772117700000 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=txA7B%2BwOrxI%2BYf66HqlSTZWptmp0PygPOVuZDak1j%2BYg4SGZCJS%2FIledEsKFkSNX24UsQBJR6MSrQIxiUWTPPPs4mlfOpyrlW%2FUrv21laqdq\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"5664-q3u4HQt+iVDi6SBfUIHCKeCtjkE\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d40464fb891e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22116,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e8bbe9fbf35af4cea5051d8b5a12cee4","sha1":"ab7bb81d0b7e8950e2e9205f5081c229e0ad8e41","sha256":"21772e3d40dc77d968b5673e225c3661ba76ec3db937aff9d80ffbff777ff316","sha512":"a0794c58f91c9978f3881ca453a87b5a5d82a3d3c4e8be9cd02484b18c12eb581890cd0dab9094b1b08e75d30ee5541f30abe90b8a4227ee44fa07b157631b7e","ssdeep":"384:tsodO1wE2GQULoU4rWmnzl8mArtrfSK32WkbNjGm6:tkwE2GQULoU4rWmnzl8mYtrfSKcp6","tlshash":"8ba21029d5744db302ca71b568be6147f530948b4e997c283b4c826c0f1da2f29bb7dd","first_seen":"2026-02-24T14:23:51.141389Z","last_seen":"2026-02-26T17:03:57.844136Z","times_seen":4,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:54.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-runtime.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"0beffdc96a1a1b35b5ce2759d6d1d51a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40464fed470b9c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2306,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2306), with no line terminators","md5":"0beffdc96a1a1b35b5ce2759d6d1d51a","sha1":"8d9d42c92a1d18382b66ee353d3b81b8641ced00","sha256":"e27dcd41e84265874a28c43fa5780e5ddabc8cae4fa0d010d0ca18360e704389","sha512":"6c5f688f184fa65416108e0f6af9947e741b70ccce5053b318e8ed64858d9ccd6e6b2f905103bb3871e540ecfb7a85efb0503c539bb4545d6975c34aa58dc090","ssdeep":"","tlshash":"7f4183d936e8f9b6434318a1043f9016f6352976097be4c0531dd4f5bc78849815afb6","first_seen":"2026-02-19T03:13:10.681687Z","last_seen":"2026-04-15T01:21:42.763559Z","times_seen":11136,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/languages/en_dev.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/languages/en_dev.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"73eea1de9215521cb137b51419ba55a9\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465418944435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10839,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"73eea1de9215521cb137b51419ba55a9","sha1":"a8876b573146cd5450adc92a5450febea8d33f22","sha256":"df1d970dbd95be40780e8c006102fa7892bfe26bc989ee0c9222b089038542ee","sha512":"277849fa8a9d59430663b5c1aac29a198436731ab59bc5968ed9fcfb839f00a31e6e278c3c78547f6e1c20d94847963375de011be6493af268a7bac25cd15257","ssdeep":"192:ImwHq/LrnzPLEgIE1iN+xiDgGOy+HpVHnKWyay8V1K5Av+cE:s6LrnzCE1iN+xkDOy+Hp8/5Avy","tlshash":"c7224269ce504ea702c29647399f35437624429b1f54382eb78891ac0f8ec6f71f779e","first_seen":"2026-02-18T09:54:55.751197Z","last_seen":"2026-06-08T12:51:50.339035Z","times_seen":21442,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoGame-9WoCdzkb.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/CasinoGame-9WoCdzkb.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1711-3g/7tiv5gKanaT0XABGV8MoCUA0\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EU5Q3%2ByZ6X%2BSX%2BBFAlsdtefSIPi0Hp2IYiZW2urgqSt%2BD7fXEFrrbMeM7wlM2Fm39EIueMS%2BZTO9%2BTCqonfEC2%2Fy7xg2PIyG2%2Bijcz%2FfGZtP\"}]}\r\ncf-ray: 9d40465b4c72e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5905,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5630)","md5":"9394597a4dd6f86f5e43d734a073d194","sha1":"de0ffbb62bf980a6a7693d17001195f0ca02500d","sha256":"3d3c7b4dbc38c7c892cd346771c606bfbcc9ccf8d621bc8f4396ac7eb76a7227","sha512":"9c17ba1fbc81d094106907fd547a69faf5febd87bc4c795dad206094a9d355c27d89cdba231a68f340c25d1bd1821343fedce2a70308c9ceb3aa63883383a323","ssdeep":"96:jx1BM8Xcl/jL5p8u+m+9Z87/ORx2CZZ9Lm7nxT+xmZ97vaycesDa+e:V1BMJl/jPIm+k7jKq7nxKx005e","tlshash":"f7c18504e014efbdb8360cca986f202978191fa2de198565f47da839367c11db627bdf","first_seen":"2026-02-24T14:23:51.033613Z","last_seen":"2026-02-26T17:03:57.889854Z","times_seen":4,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/public/proxy2.js","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"172.67.157.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://galabet.winwingames.io/","date":"2026-02-26T14:53:56.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 08 Feb 2026 19:47:04 GMT","end":"Sat, 09 May 2026 20:45:41 GMT"},"fingerprint":{"sha1":"5F:A1:45:1D:4B:B7:61:A8:B4:5F:25:27:8B:2E:35:9F:B2:AE:4E:72","sha256":"80:69:5A:6E:C6:E7:5E:F3:BF:B1:27:9B:EC:BD:81:46:6D:C9:B0:59:00:CC:90:C4:6D:BC:45:CE:D4:38:E5:01"}}},"request":{"raw":"GET /public/proxy2.js HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabet.winwingames.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nlast-modified: Thu, 26 Feb 2026 14:53:56 GMT\r\nserver: cloudflare\r\ncontent-encoding: br\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JfukFkKvutVVHMQC4iyJCwFylL0Xhya%2FJCKVTnhXNqbO9jEhkTG0wwf6y1haUnxBhjBQuN6O4dy%2FqrrtpjE7exhGqUQ1JaEqPAqlhzfacWwHCFKYFVw%3D\"}]}\r\ncf-ray: 9d40465d7d46e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19498,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1296781ea2c9cd24e19fe155b42373f2","sha1":"d7ce9dffbb2482bc2f3795cdeaa727d99e49644d","sha256":"de74ac92be5c23abac0e045e3380edf98b53abeb1abc7351e98ec06a71a01359","sha512":"3922435bb5f624625705a335938c57a7addd890b26905e7097bbed9882d0508fd10eacfd3fa32cf5b570deece89987d97773fc9377c68416dc03707c32e4af72","ssdeep":"192:0e/p461ScOtSD3FfjmfO6goK78IANjSLsZPiSLrBEpKYehsKs841+yUV22hhCsrq:l//Sk8fhPVEQGrUFAvRZIgUlM","tlshash":"ce92860e927b6123447334bc978ba146be1150971d0acd847f4ce394bf85b6eb6b27ac","first_seen":"2025-12-24T22:39:16.372563Z","last_seen":"2026-06-03T04:20:31.901901Z","times_seen":57,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1404\r\ncf-ray: 9d40465ffc678a18-ARN\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfvWH7-l2WGZEJvxD_-cbyo5fufmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=722+3 c=0+3 v=2024.10.6 l=1404 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1404,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"434c7550a1a937d1e7e8bb8416691d9b","sha1":"d837654b42d1474560a5698cfac3514209cde2c2","sha256":"5f0f065528ec2543e34a03df1cd588b4c4ce7764d1ff62e67cec0677f638c549","sha512":"eefe6cf29ea82af55070456f2bf2cf1ab3c3328938ea092695f0a25370e6cef7ed1da43633a4548b22b46d7d7a87253ef01b2c01847ea84725cd4acc7be813fb","ssdeep":"","tlshash":"9f21e6a32c3914ddefa65f1485a00d8dff03c1a5983ee3d896e83548e5788da6ca00c2","first_seen":"2024-12-05T15:42:26.602777Z","last_seen":"2026-06-08T13:06:58.369135Z","times_seen":2569,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":379,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/TabItem-zqZt7Nh0.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/TabItem-zqZt7Nh0.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FavoriteGamesContent-BWhyATt4.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"19d-L0tIOzDq25CRCzGLQ8i2iurkajU\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hkuxCCc73rKKtRZG6r9WG%2B2UmnGUCrOSc4wJHSNgsjL3LUeR39NrSM%2BnaxPhCedBrhlMvOAxPeCq3TjYh2n7DdEwaJE83XErqJohI0rgZ7J4\"}]}\r\ncf-ray: 9d4046630eafe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":413,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (412)","md5":"7399832e6d7898196fe5a4b445f58dea","sha1":"2f4b483b30eadb90910b318b43c8b68aeae46a35","sha256":"4d9195a229d1433eb80aa41cb3d5a1d41e315d57081e871c6ba0d6069b42159f","sha512":"103e8255fb328e1f8ad8edd4ec6dd2a1c36b1533e03b5286272b5f2f6c53ced739ea46c254fbd7e5008e6475b3e81ac6ce268df769c0c60c8593546176533ee0","ssdeep":"","tlshash":"25e02b42e020f3f5982b84d6d26ed4c7761249dcda9588e6e0a22054072e521fb4ff8e","first_seen":"2026-02-24T14:23:51.086077Z","last_seen":"2026-02-26T17:03:57.833559Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GoogleTagManagerTracking-D0YNYPoP.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-D0YNYPoP.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3dae-TqkZmkmHKEAfsC/Hqfm1cF1+lvs\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r856ZzR7T7TdrBKIy99qecCe6U63tyjXlNnP9YIBGNUQB605rF7JyBnpYlXhbao9eLStaPOT0sloMO9wl9Gh%2FZBBLtVR9zzE709WOw6agaXL\"}]}\r\ncf-ray: 9d404657eb27e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":15790,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14494)","md5":"7ba959810d4a9f7754c1811a32e116a2","sha1":"4ea9199a498728401fb02fc7a9f9b5705d7e96fb","sha256":"e3cd4a119c74e94648e229b1ccf657d25f63b948059b222f30a4adf5187c091d","sha512":"2ab8952eb3f12b16f8c4ea3d244d4da7d41281c83bf2a36a1a7b2a741c6ef5ad977478d3ca25cc1fbdbd8b60c91df2ab09096f4788a82d5af08b5ee30f5cf545","ssdeep":"384:oT5rzmJK7O+CQsGPsR9W+/kyMVVrkfknk/k9ktg7riGw7DUe:WrQiO+FQR97/kyMniKCuJ3SYe","tlshash":"f36295d7faa558a0b0bd4de81f9281c23ab1b56af58144707c7e3c0c6378e0af19596d","first_seen":"2026-02-24T14:23:51.041512Z","last_seen":"2026-02-26T17:03:57.813524Z","times_seen":4,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/CasinoJackpot-DoBzeOXX.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/CasinoJackpot-DoBzeOXX.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"37a-3cN/qSBv9/JMk6FQccXMrzxKN98\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wTJXcAVRm0AW5V%2Fs91yOAzebYG%2BmIisX2fq6q90T7%2BP8YdBTCq4k4NARFtIjxzej7GV%2FBeLIMjhS6BqMBsMzNbipsuMrhg6sktzu1tDjJvDV\"}]}\r\ncf-ray: 9d40465b4c5fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":890,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (889)","md5":"fce9b3cfd468eed48d05649525ff5ed8","sha1":"ddc37fa9206ff7f24c93a15071c5ccaf3c4a37df","sha256":"954d2d5703bea36e3674bc3c5ff566b97db4ada799205a18ea5f83d0baa9d458","sha512":"6570def11e173fb4563ee7a075ce4a1399ffa3b9477e08c1a3102b8e78091fc7e926575fda1e152fd436cae5999b5a77d6b6484d6ed5c93084dcc6e02c63a171","ssdeep":"","tlshash":"b1110087e01bf3f4c8dc58e540a5955f0b2e2f7af72081d0545c4b385a25857f56c7c2","first_seen":"2026-02-24T14:23:51.364102Z","last_seen":"2026-02-26T17:03:57.805473Z","times_seen":4,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/HorizontalNavigationListItem-D8usqGBs.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-D8usqGBs.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"2d9-WwdKMm2CY+BSr3kyBQxN1pb5XdY\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p3U2C9mr3sFvvdI5FHeiNd9BBvcnB2gZnEntvV4SXktRSPH37aPTTu8dG3hOK3kADcI3BqveVCwMnhkF7x4xC%2FF5yQ1iGIjnfJhEcSTPziUZ\"}]}\r\ncf-ray: 9d40465b4c69e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":729,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (728)","md5":"2ee91c2a746e670fa0395e2402ebb652","sha1":"5b074a326d8263e052af7932050c4dd696f95dd6","sha256":"6bed6f8c738e862641eb57d60efd2be604d705024d3576fb68a1f6cc491e62f0","sha512":"15a2d3022a25b216582a549dda022b4de3fc8eecd4d2e519a047d4ff7abf1e3ea3767850c513f5cc800e846c071b7263da71e4dca1a299a8754660a8227a0291","ssdeep":"","tlshash":"f001c001e014dbbc9a2745ccab8d1089b5479afedf782ce190f4e12109794593a86f8e","first_seen":"2026-02-24T14:23:51.015813Z","last_seen":"2026-02-26T17:03:57.886757Z","times_seen":4,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/getLiveGameAdditionalInfo-wT1MfhKJ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-wT1MfhKJ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"47e-rGhFPxKkcT4wt/6F5CTbuyZv+3A\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3UJrT%2FZ3dfURDu6l41RVa9WhfITfNoq9eDk3Ct45j4l%2BEJKe8oB9hvkQTaFdtf5PjuewclPNzHQpJ%2F9wSpvPumwxQUdMvNXD57jx63AhXwtp\"}]}\r\ncf-ray: 9d40465b4c6ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"8bb6d48e0059b4a0993ea7f2f68ad297","sha1":"ac68453f12a4713e30b7fe85e424dbbb266ffb70","sha256":"7f7d09c366f8afbb43e1439ce81afcdaf76f9f8d9aab83a3338c7b13e18e944f","sha512":"ff5ff2ccf22ad1c8f7d89b02340c0352025c54b019538a2633b759e620a36526188ed63dfc4dbecccdff53d6f723d2814e679da801fa29843fabb2e223625c19","ssdeep":"","tlshash":"aa2144b2606e92bbe5c94d945ab01b31e2b5ba05380445ccbb3cc9191877480a7e203a","first_seen":"2026-02-24T14:23:51.176176Z","last_seen":"2026-02-26T17:03:57.783484Z","times_seen":4,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-7941cc06.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"09a6b2a4fc1400ec37c1115e6aa1670f\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16681\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c7ae0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53530,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (53411)","md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-05-27T07:42:34.882187Z","times_seen":34008,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_c2798e3c84b9cdb7f38468addd0d2cf3.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_c2798e3c84b9cdb7f38468addd0d2cf3.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 41468\r\nserver: cloudflare\r\nlast-modified: Tue, 30 Sep 2025 10:15:35 GMT\r\npriority: u=4,i=?0\r\netag: \"68dbadc7-a1fc\"\r\nexpires: Thu, 05 Mar 2026 14:53:57 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=cWLp3YApj3C6az56_VVnQ_LBe1cGoq_9B7k9RfZKYn4-1772117637.261608-1.0.1.1-xInNPeCqMceBLIevEd496v__QFxQlNIfXAoQlJtWgCEc3Mniiv.9u4EdT10SpYrhFZrSp_yEh9jjXSsryIEp3y56KcSB_MwgndrTmcDrhEDOxMpE4eCwtEdblxIgnlnP; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ATKbzLbcrjfx4E4keMCNzccfEM4B%2BR54LVIRuogIfQB1nSq%2BV9hJBflZtmt2Ez25JhCdD7rVDHJolzcaTLKBrnYEBkkCGRxRqKun5MSee7HQTUyxGQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d404660dc5935a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":41468,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"73cc0bbb436e26b9b598c9e48ec14826","sha1":"9fa3cc5ab9ac1a70c8c28e384ce695bd2904fada","sha256":"fa1c9533908deb22f89990a240a1c0ac2aa61a5a33e8faffc1dc0475e33c639e","sha512":"195f91ab33d65511b31e95308c95b79a5c097f78a0bbe4a99e081a5704085fe8fcc601ae0d0adcb0a439b0a9bc326f597d62e31c26eb359a610f474a41aaf2f8","ssdeep":"768:EeFn2FhdX/7CJjYdDHjp/VvUlF9791MUC2Fon7y+sHuwQn2iCP2TqbyTu:i/ajqTv8lF95+fTou7CEWF","tlshash":"5013011dde495ba80772339c878fee86d0924aaede24852b18ff112997047ec43af594","first_seen":"2026-02-24T14:23:51.089025Z","last_seen":"2026-06-06T23:43:56.054142Z","times_seen":53,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/456.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/456.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1061\r\nserver: cloudflare\r\nlast-modified: Sat, 09 Apr 2016 09:04:21 GMT\r\netag: \"2e222cce3e92d11:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=4bj5cGDmisrOjjqELlTi_cS7WH9QtNE1xvmm90BVnYQ-1772117637.9918077-1.0.1.1-QKBsutwXR8J00Or7B9pYdsrQk_kG11DpwYlV7xw.Y6yRcK_r67myQLwhtiNW0lubgP4ssIGQOAxKPvXTS4rzRQeiP2xlSaQdLQRki4WFDrk7VOIk8Q0LboO7p.sF7XEo; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UHrn%2FMLEV%2Bo3Dv%2Bfix8OFXUwo78J%2BJFRHtjMmM3w60tZTFu9Egr12EQi%2Fwqo0hvW2O4AsKKObtk9PWqamB030XuNyVUueRNT1eHNDhfUuo%2BIqGsN%2FfcNRKKaieU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d40466579274c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"dc142b4286c2f4c542da122edb7851e9","sha1":"d20c2d8239843bf6425c414ddc5482e59a591a54","sha256":"0af21af658044292876f71a35dfe316b9dbef457850d6c671c617e06ec680da6","sha512":"d2c1775972d49129037507f0a17113ca9f42997707fbd705b018a87dd57bc4758b6942602fee3c9dfb2faee3baf26b174d16f4d6dbde638770625ea2a66467a1","ssdeep":"","tlshash":"6c1186d2bdf8302da5a8212bea435d95a591736526931844af59ea1c0307d48c487594","first_seen":"2023-11-25T15:41:35Z","last_seen":"2026-05-08T19:17:56.083287Z","times_seen":204,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 39460\r\ncf-ray: 9d4046689b040731-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\netag: W/\"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220077-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 1804142\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fKKIpkucSG1YS6gIpdQ3yNyWvY208KURXK8aiT6UqSiwJPjcKTqxzVidGC7J55ebxvjWzu1TTReUyCuuzi%2BJ6ZSI82rR6d%2FNeErQ5ZA3dFnATAJ0iOe%2BO4gL7oGJElnAf2k%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":302554,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (32014)","md5":"3ebdfd5d06617d7d3cf6bf6e5c458085","sha1":"ac433f0c7c8c06dbb26a85d08a47eadcf30d783e","sha256":"a642ac8ca5dc75fc2fa88c4c1d54b6f57f2a27bac6a74e15a5667e78f2af8e0b","sha512":"7ea52d1e4cfb1b61b84f58790fe6e1649d22b1b4b854e45df4b7ecb1b30a6b4e2f6366c794c51f5ce605f8ed0e85f0577dcb7d0a250d3b4a7182c3639edae402","ssdeep":"1536:Q/drlyiQh7fh7RqgwkMTyDUV6HeAIDgI9IKQ/d2ffWifirh3dfEm+E5ove:Q/drlyogMVc6FIKV+ZhdfEm+ET","tlshash":"ab646f7d86506deee994902d86db3b4af9883c0493ed1276f66441cb37ba43a33487dc","first_seen":"2025-09-10T06:37:47.236235Z","last_seen":"2026-06-07T08:03:01.010717Z","times_seen":6744,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":12,"dns":4,"connect":1,"send":0,"wait":18,"receive":2,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/menus/app_menu_751_tur.json","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /menus/app_menu_751_tur.json HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Om8eJb2DUXP4nVZHAF18jJfne3iMXTzbmnT%2BtuhazeqWHV%2BM1UpWkKOdWbYgbZV05Pf2JojoAGWJ9s8g4bYY5gyJwrkVDUr1kX5yAIHgoVj2\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"1adb-YjWYVQBaNZGhb0TdCpAaYdAleUs\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d404655fa7ce0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":6875,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"10f99f9f3ca21ff632f0a7e6c695f814","sha1":"62359855005a3591a16f44dd0a901a61d025794b","sha256":"05b71da83b4e86eeb074d6632e54d0c53ab4743388acb6a3b0f1af2108b4e9b0","sha512":"37828736594746232c42d7939d0c3def4c34dc3fd7c503ae3e7d96684fe93a9dac4b2243b8d5c2a739d52ddc10d567c7f1cdc7654802a84539fa57077670cee5","ssdeep":"192:SSkcUlkiU+kuSkAUdkuUQkZUckTk2UUkoekIU1kvkq/UKkJUdkpaUAkvSkGUlkM9:Svuxuvi7iwbCCMjHxvv8MvRqzaKTi","tlshash":"3fe10702f01d5976d30c3e00bcc76d5b888e50996c9d19419d4d8acecbd649fdacb6db","first_seen":"2025-12-24T22:39:16.190871Z","last_seen":"2026-03-08T10:47:57.851769Z","times_seen":9,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/NotificationsButton-pLBpik3l.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/NotificationsButton-pLBpik3l.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"22e-mRgS0ldhghlzTaY/dXLfEDwpCSI\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gbZNh92z2UgADah597CsOcVpWFx%2FnV5FCwxwaiDPplAvuup9q70eyxqWm1Ja6f6gO%2BCJC12VGlYCMBoAe%2FA8hLFVKPA1FtyNy3guhjnkNsMx\"}]}\r\ncf-ray: 9d404657baf3e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"a9b056a32d1ed76e431c79743fff40d0","sha1":"991812d257618219734da63f7572df103c290922","sha256":"1d39a6add7ab9c187045bdbe1fe951cd7aa476aa5df81ad0e50ac2a876c40934","sha512":"058802b490279b15a1dc08c0bfccff599583ce22b9121453e2282443bb321ec4e51145d312ccdf1d58cc0d7ed07506b8f89c3abcdeb726bc57778cfcdeeba673","ssdeep":"","tlshash":"aef0264be994d5f417c25a11623bd0163c3ba96cef4a588000eb1c591734116c81f55f","first_seen":"2026-02-24T14:23:51.194058Z","last_seen":"2026-02-26T17:03:57.749218Z","times_seen":4,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/GoogleAnalyticsTracking-DmBvxHyZ.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-DmBvxHyZ.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"3588-+3Qi3GVO+LuMi8G1QnpVfRZLfw8\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yDHnqAUJq5JV8X0Hljwog3q9eVM%2FLaFoHeUPep2g5aNGPhN4FbqcN8mq%2FXhah02Z2e4mEE1vFCyBpf0uOo20X6hvcImhMwVFjUdpBSFoEDr9\"}]}\r\ncf-ray: 9d404657db15e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":13704,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10208)","md5":"8cd4ae15064f7954689f3a7849a73b53","sha1":"fb7422dc654ef8bb8c8bc1b5427a557d164b7f0f","sha256":"243564d221706adbe127ee98e3bceb0859347bb88ebafd4c342e67e1d1609b6b","sha512":"546ce01ea7b40447f0a0ae6bc1b4eebcb7d349bde18015cbc22a079eaa3d219a0f4585413a77ddd79127711a864164951fa124040f10b930ca774a14f9b368d5","ssdeep":"192:bfWWYceR0SE+m/CTb3bHXCT76hoxGE0VK7D6L7kBNrnPWh52Lz2PM7mBE:jLYcoE/CzCIEP3Byy2PdBE","tlshash":"1152b55c32adb0b682df6054487f720bf1755910a458f480a265edf46ef8caf026bf36","first_seen":"2026-02-24T14:23:51.075102Z","last_seen":"2026-02-26T17:03:57.730432Z","times_seen":4,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d224aff.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"87f83aeea14051d9edd97ec3dd41fa0e\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16608\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c75e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18392,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18392), with no line terminators","md5":"87f83aeea14051d9edd97ec3dd41fa0e","sha1":"8649c359a630d1c55eb268ff051d5a284ef7587e","sha256":"38a072ee28e39fadd2153244a3f0a48df473ce7d8dfe16e2f2fcbe5d9cd0bc6f","sha512":"c56e03220951ba738fa2f29bec6d02b1de5ca769f1f41c39ff3f12334b16d0a82db78487c4e4cfcd8fdfaddf4af6b923c725af335346028224efa849bc140eca","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCrGN//h6LiJq:SzP2DZSLi8","tlshash":"37822ba6f149311bc925c750605f2228b33b19a9fa1ece7df2745cf245a8cc2906af3d","first_seen":"2026-02-19T03:13:10.613764Z","last_seen":"2026-04-15T01:21:42.807167Z","times_seen":8478,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fm-galabet1123.com%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__4phonwpto8b","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fm-galabet1123.com%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__4phonwpto8b HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-security-policy: frame-ancestors https://m-galabet1123.com/;\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nx-frame-options: allow-from https://m-galabet1123.com/\r\ncontent-length: 390\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":390,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (390), with no line terminators","md5":"4c86c288e52de23adadae47a6995bc9d","sha1":"284cb8609662ce2fe9cddfa180940b267f653e00","sha256":"90a88be37a65339c66d7502dbb38001f847f39c1671c78b07cfa82f5c56bc44c","sha512":"354eed9f820b72ed2d68e1bab9eb8e5c016ed8eb26779fda8d529438f61f575aac9cc9d12d600b595442aba3f58fda9e50dcd410a3f234638cf1d8ac59d2009f","ssdeep":"","tlshash":"38e061a36151553196c8e3be94015b537d305b97510496bcb46b0201521fbeeb314947","first_seen":"2026-02-26T14:54:53.904346Z","last_seen":"2026-02-26T14:54:53.904346Z","times_seen":1,"resource_available":true,"data":null}},"time_used":403,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54","date":"2026-02-26T14:54:00.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 367429\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 22:50:52 GMT\r\nexpires: Wed, 24 Feb 2027 22:50:52 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 24 Feb 2026 17:02:26 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 144188\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":861792,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (586)","md5":"5d76c1cd54bfa6d632bdce4917dabe51","sha1":"8e6de70150687c9f54210ea7887f8d72a36a398c","sha256":"abcf7e70c37225416bc5c4dab4beb331be3e0a7fa478e267224af9b0d4c6855c","sha512":"558cc2e5c5baa8f91f3882ed43e1ad9241f88997d78cf53e5f70d3382eb3c661a5152fc05546baf9214c3db7e635ef3d38ddb5d1a8da00015dde503b32833e36","ssdeep":"12288:3XOybJb8FoAZFOlhDN4/6M4peznNwcLXtsnKrfPSekrMj1EL95LnAF+Om1L:sR46necLXz6kw5bM+n","tlshash":"12054adc75427661c322fcf6a067204ca37d95aac49c191db19ad8f02fb190da07afb7","first_seen":"2026-02-25T19:48:53.036897Z","last_seen":"2026-05-11T00:14:47.527289Z","times_seen":8685,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/svg/Promotions3.json","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /svg/Promotions3.json HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HOOru2FTEOOFjOeCeCkBOeCXMXWj3Ow5oVT8t48yW7g-1772117635.79533-1.0.1.1-yfOAmOSF8BmDUnoZmoEJw5rS5EhVXpkKjVfz3QufB.0ZYYjsNFnKMFP45VYy0SLMPoCIWxTYc_Jry8Ss33X3MLW0oCYlfWtWLs6Eny0L1.tdzqjaz8CSxNdO2HOnlXSR; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:23:55 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Ee6m2Yx2VwSBjtYRGn4KlIM2F4YuDKaRekR9LVaxKhKSyCpdqrnin%2BsQIoPvb%2Fo%2BMHCwn7o3qkLdVWsbXhdgUYyi7NDOb9JOUXIDv0viILelJyYHw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627085-710\"\r\ncontent-encoding: br\r\ncf-ray: 9d404657baaf4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1808,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"60e5a10a5bbcc415db7edd6ea60aec4f","sha1":"65af716c48e21ed7c837e77c4b7c3e2f33205dd3","sha256":"a8c1d1768e9efff44b10ffebd02cb4959af6be79610cdc02e44e840f0ec39a28","sha512":"418d3b818cc59a64f5261e2cc27fa2234ef1bf94a886866217d032d211c2ee47b758410154acbb7721314b855778c3e6bbd73fd57fdb092c5703c9270796ed22","ssdeep":"","tlshash":"ee312cd8ee305570eec443ffab118988795614bb69328edcf22c83886b8390800288d9","first_seen":"2025-07-08T10:50:27.664088Z","last_seen":"2026-06-06T11:08:41.264724Z","times_seen":614,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":60,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"172.66.147.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9d40465cdb638a18-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4368,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1594744c430c14575dd987b06663f8af","sha1":"6ae3a00b9045083fc80dba950b908f9e7513e211","sha256":"db922d127c83813e54ac9a7e4fb61318bdc34765fde199edd3859da07f9b1a04","sha512":"6dbc4888f6eb430e5c148b063707a5488e01f7a4ffef184ac67db37cb847c0d69eff429b0c1bd3122ca4b1594229d6f4f600497011a876d5ddaada4d1fb9569f","ssdeep":"96:nNSNbh/YiOQxX+1A2teUB7SOMVMrhIa1WUqrZurozkhLQtwN:8OQVqfhSPbUK6J0i","tlshash":"ec9110b79f444a5e2b2407c9702d3e9c855e250bcbc09ceaf0c0cf2984f9eb967559a6","first_seen":"2026-02-01T05:09:11.282943Z","last_seen":"2026-06-06T21:30:11.817911Z","times_seen":246,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":36,"dns":9,"connect":8,"send":0,"wait":30,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FeaturedGames-CmnWY5V8.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1ee2-MZScdHqs3XQ2DULFve9Ti5sbHvc\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Xi0GN3PZI9OgIuqPbTldY7WmCgzvWmgL1UWOZJLiWuiOx7ebc7Q4DjYEqFJaBSNa%2BF84nCls2toacCXlbYtBGQtFHnKNjBHfIVE66hF%2BYdJ\"}]}\r\ncf-ray: 9d40465ced16e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7906,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7905)","md5":"e24344281a7fbd4a9713273199c71772","sha1":"31949c747aacdd74360d42c5bdef538b9b1b1ef7","sha256":"cd4bbd4ac6d8c15d2e0161bbf733762f872971bef3f330f61722203fb0709294","sha512":"55516c7b75aac53acd092be82e3812ca3ed64b29355dce7d9867795b332110debbee7d5f7a536b5d6e1df37f4ac737357bf55bc82e733d0934768b6de87b77ec","ssdeep":"192:DjWt/Fh/fNHPEwDG3Qo62p7c0mhcMO/b2wL4Ula2yjRC:vKtHP4Qozp7cjhAI2CY","tlshash":"36f1ea0ae010fa7de63b49e7753f6104f47a06d4e7150890d0be6e2919e5246733ef8b","first_seen":"2026-02-24T14:23:50.903051Z","last_seen":"2026-02-26T17:03:57.839197Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/useNotificationsProvider-BxGEeL4T.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/useNotificationsProvider-BxGEeL4T.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"5c-rUe/qyjmXYNkrRlPutI65eeaFt4\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B%2FJsnTGtCwZlRFeVHmTugHHX6eqeuG1mqzlpiLHuDcekLRitH%2FlGBRA%2FW1Gs9HSAhp3vgq3fgaV9HoE1K3XNeWcUZLukOQVr%2B4zfcod6ct%2FP\"}]}\r\ncf-ray: 9d40465e4d6fe0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":92,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"2d9d5bd0509144a8bc2d18c111af42af","sha1":"ad47bfab28e65d8364ad194fbad23ae5e79a16de","sha256":"2546dc615d6b471b0a8c83a0f9b156a345134b4484caf6574eb58c5954ba9100","sha512":"b5cde42dac7ae4b2a865530dfc69039ee3efe535764378d517e156747a03a735449ca23f15fe699894692ffcdeba8bd13ef0f84fb297d1605496ddb7f0a13144","ssdeep":"","tlshash":"c3b01213884013f061010cdc11149c294f31483c3381cbb05034811c11e80858b0e901","first_seen":"2026-02-24T14:23:51.043147Z","last_seen":"2026-02-26T17:03:57.849061Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.19.183.147","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:57.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /tracking.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWwv5flR4L879W2hhSr5G3W4ADk_BXdMm8oDrbQYv-96KtQ0xhTde6RdEwK1plnLLVEdVhBKuSA\r\nlast-modified: Thu, 26 Feb 2026 14:44:07 GMT\r\nx-goog-generation: 1772117047762377\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 100997\r\nx-goog-hash: crc32c=Fc4FBQ==, md5=YFeW0lhvkPVRj5fxlQ9Qfg==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 32758\r\ncache-control: public, max-age=28800\r\nexpires: Thu, 26 Feb 2026 22:53:57 GMT\r\ndate: Thu, 26 Feb 2026 14:53:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":100997,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"605796d2586f90f5518f97f1950f507e","sha1":"2f68e81739c8292c08e8cdf5b409a7c2b4e9b7fc","sha256":"c6229d999bd7bd135063a4d50f4d4155b1e459e092393c4a09281593d0ba7c67","sha512":"3a07e4dbee1ca3a1c7cf6b5785dd67c3b08eed498c3fdc234f9bf938d0698731de4d346e301f1e255f1cb0d86aa738301064ee7414a5b6c97ba790ea90bdcaad","ssdeep":"1536:E5hboeri/BevgjTcAhWeypynDx4Wwwpw84Io6eFlIUYo88:Evboeu/kYHyp0DPheF4o9","tlshash":"52a34ada7282b03453f786e7a17fa212b3392818340d8420f17cdd6a395a9c79177f6e","first_seen":"2026-02-26T14:54:53.907349Z","last_seen":"2026-02-27T08:53:00.751906Z","times_seen":28,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":80,"dns":23,"connect":22,"send":0,"wait":22,"receive":27,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","date":"2026-02-26T14:54:00.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /recaptcha/releases/AWtrSI7lAmTAfV1rzWqEqz54/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 367429\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 22:50:52 GMT\r\nexpires: Wed, 24 Feb 2027 22:50:52 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 24 Feb 2026 17:02:26 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 144188\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":861792,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (586)","md5":"5d76c1cd54bfa6d632bdce4917dabe51","sha1":"8e6de70150687c9f54210ea7887f8d72a36a398c","sha256":"abcf7e70c37225416bc5c4dab4beb331be3e0a7fa478e267224af9b0d4c6855c","sha512":"558cc2e5c5baa8f91f3882ed43e1ad9241f88997d78cf53e5f70d3382eb3c661a5152fc05546baf9214c3db7e635ef3d38ddb5d1a8da00015dde503b32833e36","ssdeep":"12288:3XOybJb8FoAZFOlhDN4/6M4peznNwcLXtsnKrfPSekrMj1EL95LnAF+Om1L:sR46necLXz6kw5bM+n","tlshash":"12054adc75427661c322fcf6a067204ca37d95aac49c191db19ad8f02fb190da07afb7","first_seen":"2026-02-25T19:48:53.036897Z","last_seen":"2026-05-11T00:14:47.527289Z","times_seen":8685,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1052.com/storage/medias/galabet10/content_751_0195f59514ab4f392d09f47ebdbe8bfe.webp","fqdn":"icons.galabet1052.com","domain":"galabet1052.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:54:08.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1052.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:14:03 GMT","end":"Sun, 24 May 2026 11:13:59 GMT"},"fingerprint":{"sha1":"3B:14:63:FD:4D:69:AD:3E:AE:90:AC:62:75:5F:1C:3B:40:70:81:66","sha256":"67:D1:79:82:FD:52:DC:63:91:45:A6:57:3E:F7:D3:BE:95:EE:80:07:4E:A0:E0:43:F1:1C:9D:1B:E1:2E:48:79"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_0195f59514ab4f392d09f47ebdbe8bfe.webp HTTP/1.1\r\nHost: icons.galabet1052.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:54:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 135936\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Feb 2026 14:34:36 GMT\r\npriority: u=4,i=?0\r\netag: \"699f087c-21300\"\r\nexpires: Thu, 05 Mar 2026 14:54:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=ZjSL1Lbrjon6EaujGRnC3hf2xbeHvfjhQkg66DGFHs8-1772117648.4026144-1.0.1.1-VYX4HfWDHYfps2Qq1X2.a9PQUJgsrTpPeC142a2y330SDZaVxM_.fLKotS81j0m1uQVHRexypWigBT1qlA7mKUch21wfoGLVuwckRqrjvxy7lxxkY6CLgAj4U2_tR4gV; HttpOnly; Secure; Path=/; Domain=galabet1052.com; Expires=Thu, 26 Feb 2026 15:24:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aCGvaKPh%2FA7P%2Fmyokra73amRUeuQ5Qvzud5%2B8E%2FMlfMIqIhIkoA%2Fluz0ZS7Gt3GIPElLEEO%2FEc5MKZ1cxq%2FsIH0W2Hcn2keM%2BN848tva2Wtz6YP8CA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046a678b135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":135936,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"013c8fe76682a6ce5e0f830dca1c0c47","sha1":"ea0de3a5d490ede93f6a8aa00d4c4fab33213e45","sha256":"e036b6738a8ecb71138e6476c1767572f592311b3f91ba4a11587886f115804d","sha512":"821f85a06a21c3432c1580257bbb5d9a5abf8e9c8b99d1fc65bb558295b03b241a24731be196ef9cde2388982a9fc2920d54e81f0ed5e8cd11fa09cdca19ac5e","ssdeep":"3072:y0Vr3SHkvQIf+2SHrB54lEQFmNFaVbo8sTI3qSmx:yiSEvff+2SHrB58RFGaK8sTI6Si","tlshash":"b0d3129fb2a0b3e086286db6327d19d59cdf34ec9b9c6413381e2d6983cd19a0ff1525","first_seen":"2026-02-26T14:54:53.908552Z","last_seen":"2026-02-26T17:03:57.882569Z","times_seen":2,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/favicon.ico?version=1771329529905","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /favicon.ico?version=1771329529905 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1b67-K5P52fXMuAnkVOgS+d+nzpqwKwo\"\r\ncontent-encoding: br\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZVkpBPfvVAw%2FoVrNT%2BlYWSH3b%2BylK%2FSee7wpeFv2syRklNyg1t3BHoogb%2BM%2FB4bVNA9rGqc879AR%2BQLg48nZ7BMD8E68mouRqKy3BOxl0Gx4\"}]}\r\ncf-ray: 9d404653a9c7e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7015,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"96a66de67adef28337580739eab71404","sha1":"2b93f9d9f5ccb809e454e812f9dfa7ce9ab02b0a","sha256":"1b029ff1969f7f867742ed30370ab8f76f58f3a00c102b51740cee61a5bae6ca","sha512":"efd763159644683e2aedb05be3a541cc4792938d3755e0b0a1e8850c6240e04c3ce03e465ac5160ebea03b7ba0e9a948bff584fb163ab1db1677453bcb13a7fc","ssdeep":"192:AA9risdBVS6QwidYsQ6ujzwAzxyKjuDqc:AA9pORYsKIAz0KjYqc","tlshash":"40e19fc31979540617e9f2df05c4386ab74ca88793a2a4f927b931343ff19cda613229","first_seen":"2025-12-24T22:39:15.963833Z","last_seen":"2026-06-07T00:34:32.054342Z","times_seen":114,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/WagmiConf-DcRD12Of.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/WagmiConf-DcRD12Of.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"18a72-vMQwheISi0s/E7Pjyype023mj6k\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OsuFGFGnUvDiCV1w6iTd0nAlMFmotzwYdv7IS5CRXKiHeqlAY5JXfBc1RaxEWJpPBdXSfH19X6Vh7uk6zQPO0TryLAJZafCHvLOOVg5N3BAq\"}]}\r\ncf-ray: 9d40465429e4e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":100978,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48214)","md5":"347fde358585510327d4cbde65cdf27c","sha1":"bcc43085e2128b4b3f13b3e3cb2a5ed36de68fa9","sha256":"4cb419c9f2956a83ad68b8f5ddc2add8a7e1aad05d56254bdf8e345ce1d9c066","sha512":"4106a31be84ecfe3f80e2350266a55d60aebf4ef67f4794bac22a7ff7465ecc92da7e01db1ef5014c1c2139d8eac287ab732b72e82b25457e7cafc9f2655f36a","ssdeep":"1536:/2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPVAV:OCaSlx5xG7NU+WEy1bPuv1K/XGd","tlshash":"15a34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-02-24T14:23:51.189846Z","last_seen":"2026-02-26T17:03:57.755082Z","times_seen":4,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/InformativeWidget-BAwOKhPq.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/InformativeWidget-BAwOKhPq.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"43f-vAppp6uZ211eglVg1BBFVnEyye8\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B%2F2wBY%2Fx9kOpI8ia8mHt4KjHxmK%2F3wLVQv%2BW6%2BWKp6CDZ%2BGXRz%2FcyQcn0Fcswom2lp9CZhYpxcg%2BAKSCakQVdkrJWnCK4s9xq5tPEddMmKfe\"}]}\r\ncf-ray: 9d40465b3c4be0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"bfe68e52383a846bcc852d13693ec99a","sha1":"bc0a69a7ab99db5d5e825560d41045567132c9ef","sha256":"ad6a0e54fb28450de78b863bf168d8664be8ae14ffd118032cc0dbb0aaf41642","sha512":"bbbe591918823d2e09b2fb24ebed7a12934e6d15f40e2f5ffedbf4eeeb766157ebf3346da3b0bc7421b552d4376106ca98b5184aa01a99e89893473d5889a48a","ssdeep":"","tlshash":"ca117947f550d5bdf0354dc44616d0946d212dd4df39d4e998f57008a83410bb6db7ad","first_seen":"2026-02-24T14:23:50.926006Z","last_seen":"2026-02-26T17:03:57.765598Z","times_seen":4,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/Casino.Boszqs6o.css","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/Casino.Boszqs6o.css HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"8d73-3tXIZlqj3yu9yNNzfxwYPWc4aMo\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RPOKorL7ObHHx7g0pem4DydjG5j%2F7KDdom2yehT2ssA07U0O1SPQRtpXGp%2BpTvwV1x9KC%2F%2FSyKNPgib4Gh%2BlAqacOk9Ra8sR1E1vytZ6ho5N\"}]}\r\ncf-ray: 9d40465b3c57e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":36211,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (36204)","md5":"801cb95829bea62589284e508c2a4084","sha1":"ded5c8665aa3df2bbdc8d3737f1c183d673868ca","sha256":"89c5eef289090fa62a25abda84e0b2d4fad313cc0f395932da82d7d2c44262a7","sha512":"b6bbf1d46d8d7c19197439be95ac44171ffe6b7cc0ace62578c78880749e841ebf6ba5f5795699fc2857ab31a77929a9c51b8cf3348dcf12b77117f72662eb26","ssdeep":"384:Rpo8j6E4sa1Hk9eeGKtNyGG6PwPJwWzY8IwgrOl009HdeVz7qQXFDpNDF6:RZj6E7Ie3uIIgVz1XN96","tlshash":"d8f28573961923bd75b796523ac0de9ce81c48b9da232641ec967237c3c79992c307ec","first_seen":"2026-02-24T14:23:51.173757Z","last_seen":"2026-05-17T23:41:10.784594Z","times_seen":14,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/AiPromotedGamesWidget-DayfNQl4.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/AiPromotedGamesWidget-DayfNQl4.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"7b0-UpA+U4UCwg8bnUlj9ahgB+a3loA\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PlkN5qP5fJUlqmRiKpI%2F25RYtBp%2BAjutgcghYx5eV%2BC50BKJhmSerDjwDZ546LAZj3PqtYY4c1EwMQNWyQEv3Eb6xZU3PoMDNptSG7DQlGxM\"}]}\r\ncf-ray: 9d40465ced18e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1968,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1967)","md5":"f60b4a6a3477a15b6c0c4006e622406d","sha1":"52903e538502c20f1b9d4963f5a86007e6b79680","sha256":"7c30e8e112ab68408fd5c004a111993bbda00f5a3821108446d5d76399194cf8","sha512":"353db56b85039292e147537b1f6459435e89d1dd703016ae61743e67f912dfb38f99ac4831eb046f76900da23ce941ea8af8d18c6ae53710ad86927f7af9fc85","ssdeep":"","tlshash":"f1415f2fb01dc97cf36c0aa48294b74a98127bb8d619e0e8b6ef4a11776409d637db41","first_seen":"2026-02-24T14:23:51.298658Z","last_seen":"2026-02-26T17:03:57.793021Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/1/2659.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/1/2659.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1627\r\nserver: cloudflare\r\nlast-modified: Fri, 30 Jun 2023 13:14:11 GMT\r\netag: \"1986bc254abd91:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Mon, 23 Mar 2026 18:20:16 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\nage: 419621\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=jq0vA8AnsWgAWJF2Pdk8gWIa.h1ValwD1a0d0Na3t4c-1772117638.1428864-1.0.1.1-s7BuOfjjGCxihEgOTf423sLzV4hIjzu9u27EamR9dGTk5MnP2O3TNvi8nOTmECePddo23khA1_xk8lbJgHPx.X.XPR0upYueI.APZc1s8ZGWXAZwPcdJ8KsDoiHh9Z2q; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b1rj5RwPjHHrVhReo%2B4SgL0aCUEh6kDDtX6fOu947BO2L6lT%2FLumIbAk%2FrQf1rnOrIJLNC8j2oa%2Ba8O0qStFyRhfhGM7vaiZmQsfPEn%2FCXNckwS5xHtKhWlRzZM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046666e714c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1627,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"8da8407f3b3ff2d6862b7507f4756292","sha1":"1219a96d05b20705a695f6a6ed14cd183c8b2887","sha256":"0619228d38660ad844bc103f7365929c2407ccbec264b834bab935fec6b72806","sha512":"a27ed4eaf35e4ebf22cdc44081c79022934206fc70ea9e41149d3a139e2b964994ac4ecab07032e609a695ae46f06bd550b963a160ec2aeccb4c732e9bf4f867","ssdeep":"","tlshash":"3831e8d72ee4326aa4152556a4e3c0e2470297fe3e161a93ca38d6af95ee204009018c","first_seen":"2024-05-03T07:44:22Z","last_seen":"2026-05-23T17:36:46.370794Z","times_seen":107,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/emojione/assets/png/1f44b.png?v=2.2.7","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /emojione/assets/png/1f44b.png?v=2.2.7 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1311\r\ncf-ray: 9d40466adea7f375-ARN\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\netag: W/\"51f-Lhpf/5pVjttXKKAzYbc9FjP7pB4\"\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230143-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 1188463\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=HE1M%2FA5VDLWUR3IgOLTvODMn2XAJzYpxRxSscRn8pvZGT2WpYzv%2B7xReT3Hb7kIij7CW3QXmU%2BWgy7rzi8POOGSUR7t00flMDd80UbykUkDPZ14yj97y%2F4RA7afT7p9EeE4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1311,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"c146761c3af8335c09eff9b1cdecbe08","sha1":"2e1a5fff9a558edb5728a03361b73d1633fba41e","sha256":"d84e890fa93c018d8b78e3bff3f6252036aa7ead6e48b292c0b92b1cb5127371","sha512":"b99a6fcfe0c4f4884fec84ec4e9951fc23b246302d4eac2996f4b6df3e063543b640a99e083494633f946fd85a3b217e18356e6b46d6584dcbccd88215638950","ssdeep":"","tlshash":"f221c59314628da28e23c525ac24c5e0b2fb40fcd78f8ae24903feb552b530c99d478b","first_seen":"2023-05-15T15:27:55Z","last_seen":"2026-06-08T12:06:52.061008Z","times_seen":19533,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/pageBuilder/pageBuilderHeaderInfo.json?v=02/17/2026-15:58","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /pageBuilder/pageBuilderHeaderInfo.json?v=02/17/2026-15:58 HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PVMr44YOQlc7xQRszu1sANdMD9SWNfPlrG0%2Fgpyod1MLX7wE0GBZ75dGZpTYBJanZRJcA7tTFHCiFzLJLymMeapP9PuAAs6aiR0JfWQf%2BudI\"}]}\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"2-vyGp6PvFo4RvsFtPoIWeCReyIC8\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9d4046571acae0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-06-08T12:34:22.780122Z","times_seen":705128,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/__proxy-cms-media/storage/medias/galabet10/media_751_e36e767f918c2e0b1323c581778f3e42.png","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_e36e767f918c2e0b1323c581778f3e42.png HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/tr/\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 3162\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 09 Oct 2023 06:12:46 GMT\r\netag: \"652399de-c5a\"\r\nexpires: Sun, 24 Feb 2036 14:53:56 GMT\r\naccept-ranges: bytes\r\nage: 596636\r\ncf-cache-status: BYPASS\r\nset-cookie: __cf_bm=4Kr3xhDvEBVefixW8N3pQSFS7nK2Fs4QNds3F.fWwo4-1772117636-1.0.1.1-w_GYXF05bhS.ErkiYGSssP2hx7Og5Ck3RVdA1al_vwv6mkfj19zm0glAozJKFWNPF0i9qOGgYVK_q1JYheX3D.H0qRJ5qhoMgqWPsAmgfg8; path=/; expires=Thu, 26-Feb-26 15:23:56 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=APdXajlVZKouX0NGb1HkM04lBbhbNls2Xoxr3f%2Ffgcl6FT4QU6GeRZryGg3L6dGFdAhGITwg1GPAegf8YXOMq%2FenKQEpBUsBvreN5wSX6x%2Fm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d40465b1c40e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":3162,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"6b367a99bc86c352b5f45eb76ef837d4","sha1":"18d9b34beb5b22f7b086c4f803e6f21a95c3d22e","sha256":"e54c8f4ed20a3052a3d336f6084e083fb5c040aa67d85c170f0380ed0a74b75c","sha512":"c616fdbcf246d21c51373417c69af47c207bc8e6f36d4f3b3c53b83cbfe41bde4562cb147087264c68d1133c7378f477be104e8ab5c3927f7ca732981416c8ab","ssdeep":"","tlshash":"e8510af5f108241fc7a4c9721d59e0d3bd6af44e942d998f70a0d71e343b0a9d1c6966","first_seen":"2025-12-24T22:39:16.355284Z","last_seen":"2026-06-06T23:43:56.119039Z","times_seen":54,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-4fe9d5dd.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"8249fafc9a9fbe0f75d4bef0aae2305a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 16689\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9d40465b5c77e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1000,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1000), with no line terminators","md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-06-08T12:51:50.340542Z","times_seen":43731,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/bookingBet-BkIiazay.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/bookingBet-BkIiazay.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/DataspotTracking-BGnsxVvd.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"ed4-JuAEV1waNGxRCuW+OiVFSJx+X5A\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=axk0IQJraZheXB76nT2q4cua0zkqosShWYOrxf7yTlj15jBFzH6ON%2FY3q0HReIRjIhGErQX3wfLYZfIQLz%2BL%2FqCZPzBEEOhE2LBisGi%2BBz9q\"}]}\r\ncf-ray: 9d40465bccb4e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3796,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3795)","md5":"ff9453e086df71df36b0074794be5555","sha1":"26e004575c1a346c510ae5be3a2545489c7e5f90","sha256":"5d233e99dd55cbd6c4a6acd81c566dee1cb146166fc41726489d64c6b6a5ed0a","sha512":"309c579276d7680b59861354b688536af34279823f9396e3c5f122059ac7c50ea0b93cf70bf48989a7bf66a9915f7ddf366e722d109c72137e49752c1e6f92a9","ssdeep":"","tlshash":"2a71e664fd2090be67f2317df4de7b426b2c4ba871a19a40fb6b9d0841848cbb534638","first_seen":"2026-02-24T14:23:51.288648Z","last_seen":"2026-02-26T17:03:57.896099Z","times_seen":4,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"vsa85.tawk.to/s/?k=69a05e833ad48120251cc2fb\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2OTM0NWEwNWM0ZTZiYTE5N2FlZmE5NmMiLCJ2aWQiOiI2OTM0NWEwNWM0ZTZiYTE5N2FlZmE5NmMtanhMalB4aldNTU1uRGcwY3VxVU53Iiwic2lkIjoiNjlhMDVlODMzYWQ0ODEyMDI1MWNjMmZiIiwiaWF0IjoxNzcyMTE3NjM1LCJleHAiOjE3NzIxMTk0MzUsImp0aSI6IjNucF9IWENHYmVaM09yclVOYmRvcSJ9.0uxv7aTgkSxSKuaHdKsMsB9bKSpDUQ1uZPWT4EMjnljrFP7R5ZB5yNwUDrPN1LQUsjYrzqnyhRR9MUqcRWmCgQ\u0026EIO=3\u0026transport=websocket\u0026__t=PoQSJFg","fqdn":"vsa85.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /s/?k=69a05e833ad48120251cc2fb\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2OTM0NWEwNWM0ZTZiYTE5N2FlZmE5NmMiLCJ2aWQiOiI2OTM0NWEwNWM0ZTZiYTE5N2FlZmE5NmMtanhMalB4aldNTU1uRGcwY3VxVU53Iiwic2lkIjoiNjlhMDVlODMzYWQ0ODEyMDI1MWNjMmZiIiwiaWF0IjoxNzcyMTE3NjM1LCJleHAiOjE3NzIxMTk0MzUsImp0aSI6IjNucF9IWENHYmVaM09yclVOYmRvcSJ9.0uxv7aTgkSxSKuaHdKsMsB9bKSpDUQ1uZPWT4EMjnljrFP7R5ZB5yNwUDrPN1LQUsjYrzqnyhRR9MUqcRWmCgQ\u0026EIO=3\u0026transport=websocket\u0026__t=PoQSJFg HTTP/1.1\r\nHost: vsa85.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://m-galabet1123.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 8iSRfoap3kqt3SbWfKPHvw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 26 Feb 2026 14:53:56 GMT\r\nConnection: upgrade\r\nupgrade: websocket\r\nsec-websocket-accept: ECNUs+b0BVgY8WNzPIbevhX1aZw=\r\nsec-websocket-extensions: permessage-deflate\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nX-Content-Type-Options: nosniff\r\nServer: cloudflare\r\nCF-RAY: 9d40465c8ba6f351-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":531,"timings":{"blocked":-1,"dns":48,"connect":52,"send":0,"wait":402,"receive":1,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/928.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/928.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1286\r\nserver: cloudflare\r\nlast-modified: Fri, 07 Jul 2023 09:24:49 GMT\r\netag: \"9c1ccde0b4b0d91:0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nx-powered-by: ASP.NET\r\nexpires: Fri, 27 Mar 2026 20:17:18 GMT\r\ncache-control: max-age=2592000\r\npragma: public\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 66999\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=dsVFp0b5XTX5c.Ni4lagtNaxcBs6FPOAL4EKmAXpyxA-1772117638.1592638-1.0.1.1-DppMsS433qHu6svyHT0ZQXGEZIcDcVQWpgVc3oUsjNsVM4c8BVe7zB_6Epi20c9C__lKQT5o3oWhUuToacc261B.gqIphtHdjKsTmeX2A8NQzhqq6wJCevX.aETfH4Wa; HttpOnly; Secure; Path=/; Domain=btcoservice27.com; Expires=Thu, 26 Feb 2026 15:23:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cKru0geFJsZ1puQOlRnaLui0Mrz2Q0mHRY%2BZRD5b5C03%2Fdtzwu6MmwdiIVv%2FfYFsnLSKmuNisNtK1Y0Oe4Mj2OEkifIJQOYKteEIkfZLD8%2Fd4mznb7pmgHibQYs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d4046667f1e4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1286,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"99808269dbfe8428bd6327cd7defc877","sha1":"19f1af6af1beef1cd7e4d8456e8c9a10aea5b700","sha256":"3bc928865e2706510c784dc2157f52ec77c9fd97866859033be2f7598fba4c7b","sha512":"b99603b3c0b0ac80a74ae617619e68aef6b29d9078a449301112916d4d6f110b65dd5104dedd268434a5677196b015d8e060f75bf8a1892ba37920fa6a1f19b2","ssdeep":"","tlshash":"6521c8a69c0a1c369a852e71acb100aeee5e76a804656495d75de43869008c3c8927c6","first_seen":"2023-09-23T15:54:58Z","last_seen":"2026-05-22T06:52:51.987043Z","times_seen":266,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tawk.link/69345a05c4e6ba197aefa96c/widget/1jbq7v9mq/images/lWbtfzcjQK.png","fqdn":"tawk.link","domain":"tawk.link","tld":"link"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.link","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Feb 2026 13:31:38 GMT","end":"Wed, 20 May 2026 14:30:08 GMT"},"fingerprint":{"sha1":"2A:04:AA:C5:9D:75:C3:88:6E:59:52:B7:40:A3:1C:84:A9:19:D9:AA","sha256":"08:51:11:B7:52:7A:AB:FF:60:9C:42:A9:EA:D0:F8:45:06:A6:40:92:52:70:3A:14:2A:4A:A3:83:D3:4F:0F:42"}}},"request":{"raw":"GET /69345a05c4e6ba197aefa96c/widget/1jbq7v9mq/images/lWbtfzcjQK.png HTTP/1.1\r\nHost: tawk.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Feb 2026 14:53:58 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\nstrict-transport-security: max-age=600\r\nage: 120458\r\ncache-control: max-age=86400\r\ncf-cache-status: HIT\r\nlast-modified: Wed, 25 Feb 2026 05:26:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fbvjxNqP3ODa%2BbnZb7Cj26EV6zXzRoIdFbVWv1Zo4C9tV2S8UDOZJIcEbmuL32fuG7RWoGeeVug9vve%2BdIH2LwZalpJeagf3Zw%3D%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9d404668de2235cc-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6298,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 120, 8-bit/color RGBA, non-interlaced","md5":"740f71b656e07233cd24db82f62080ce","sha1":"f87b5ab22cc87ec5b5efb0689bbc03af56e21ca8","sha256":"c854fc2b538c99190a6a3099c09058d7cc97778984d2d5b462d0b8bad97c103f","sha512":"28a0190a0bb8e7ae3c65e76862548a9883a76a041595808b84ac6c37206dc0d5d340046a243c17b41352fee5d1aa27bc1d3c6f98ba5dad565981719c8adbfc8b","ssdeep":"192:yyXvgn+XKkiA1mF5HWneYkXMKgbekoqDT4f0CbhxkmUl:yyon+XKkqlWeYs2e/2alxO","tlshash":"dbd15c98482bd5a2ca2f6339de062fcd1734c4711209b1d4a35919e9b46b39ebf196e0","first_seen":"2026-02-24T14:23:51.331762Z","last_seen":"2026-03-08T10:47:57.970766Z","times_seen":8,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":45,"dns":14,"connect":8,"send":0,"wait":22,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/DisabledMarketEvent-h1nKsvD1.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-h1nKsvD1.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"980-yamny25TsjAicdaEPHvlc8BbJJw\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fdr4NQ0hxMKtu0HL0FVKaMrxBoa2qR%2BFEYZEHA6pAdWrL%2Ba84tjk%2B4tnQppSuLNak%2FOx7EqPsTjOwfTSVR9k%2BjEYxUeeO%2Fu%2FeiaqrTo6QF2n\"}]}\r\ncf-ray: 9d40465e4d6de0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2431)","md5":"cafa2204750e6c428d8d41b6352c085d","sha1":"c9a9a7cb6e53b2302271d6843c7be573c05b249c","sha256":"24de6c529bd7bdafa022cf861a72397ca443c76bfa60e98475c9bbaa32d2ecf3","sha512":"1cf092dccfc5de91708958ba521a58df056c8d34bb1b490e1e12418e6775872817a2e9be50f976b8a0de0f97b09043a52096b7df9b425a86c5d4d384a37efc14","ssdeep":"","tlshash":"df415469e3a0fb7d653608dcd33f1a2a740906b1eb650992d07e0c3d1a1814e751ef9d","first_seen":"2026-02-24T14:23:51.276124Z","last_seen":"2026-02-26T17:03:57.830269Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statistics.btcoservice27.com/images/e/s/0/880.png","fqdn":"statistics.btcoservice27.com","domain":"btcoservice27.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:58.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btcoservice27.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 09:41:42 GMT","end":"Sun, 26 Apr 2026 10:41:35 GMT"},"fingerprint":{"sha1":"81:21:C1:62:6C:B3:8C:D6:3B:78:1C:03:98:EB:E4:B5:0B:08:13:4C","sha256":"86:BF:9F:A3:FE:30:F5:BD:7B:AD:63:3C:D7:11:72:E8:91:A7:06:23:A8:B5:1E:96:CD:28:18:3E:4C:48:4C:86"}}},"request":{"raw":"GET /images/e/s/0/880.png HTTP/1.1\r\nHost: statistics.btcoservice27.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9tLWdhbGFiZXQxMTIzLmNvbTo0NDM.\u0026hl=en\u0026v=AWtrSI7lAmTAfV1rzWqEqz54\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=6cuqg1jf8bo2","date":"2026-02-26T14:54:00.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.recaptcha.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Feb 2026 08:14:23 GMT\r\nexpires: Sat, 20 Feb 2027 08:14:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 542377\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-08T12:34:47.714374Z","times_seen":873346,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":126,"dns":0,"connect":30,"send":0,"wait":17,"receive":8,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/widget-settings?propertyId=69345a05c4e6ba197aefa96c\u0026widgetId=1jbq7v9mq\u0026sv=null","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 06 Jan 2026 07:50:57 GMT","end":"Mon, 06 Apr 2026 08:50:49 GMT"},"fingerprint":{"sha1":"76:A2:1D:87:6A:02:2B:AE:59:CF:63:88:47:0B:0E:A0:A4:71:2D:D7","sha256":"9E:00:F3:80:45:CF:47:97:9A:BA:39:F6:38:6F:52:DD:E7:5F:D6:9B:7E:89:F7:9D:B0:BD:98:6F:1F:45:64:2A"}}},"request":{"raw":"GET /v1/widget-settings?propertyId=69345a05c4e6ba197aefa96c\u0026widgetId=1jbq7v9mq\u0026sv=null HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nOrigin: https://m-galabet1123.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-dl29\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: GET,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, max-age=7200, s-maxage=1800\r\netag: W/\"2-27-0\"\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 9d40465428954435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3212,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8b6b2f3b839e211c1b90435e42e30ae3","sha1":"2d188517a2e60acf62ee08308642c01dd653f234","sha256":"958e1bef445b263b623d57f092598254bded4cff0a6ebbcb2b220442fe60fd99","sha512":"bcd87eee9eb3a0087721b9c3ebb9da721ce8f2fbf0dc3c9824d4e8ab3cab1b3f4beb4682fd5cfb703f3355558c1e30c34b38757341959dbced1f19626ee1691f","ssdeep":"","tlshash":"c36112354d16dd79a3c9428371de3a23e82dd123d3845a2de1989d3c83eb68d225274f","first_seen":"2026-02-24T14:23:51.146028Z","last_seen":"2026-02-26T17:03:57.836757Z","times_seen":4,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-B7VgD98L.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-B7VgD98L.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"466b-/Ts+QOKMoXhMODCvlRfElkFQ2ec\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wV5teKgMDXGEm%2Fs%2B5wP%2BdEW6mAyLMOyerzs92dPsW%2BxKyT9VFLh746YoAGLVU0%2FYlogXD5boMlpjOI%2BVEkE3Yb2XzMmZ5IVnXr2%2F0KgMU0AW\"}]}\r\ncf-ray: 9d40465429e7e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"f3e977cdfcddfa67de40c9532207a4e9","sha1":"fd3b3e40e28ca1784c3830af9517c4964150d9e7","sha256":"ed155181d21e63fe4f536feee6db5319acce059ebcb51d535fda3eac10ee81a2","sha512":"eaf67df8e9b0cc8ea960822bf3065c8e42c3a75184e741550897ea4b7fb58390ee0b877e9e1e73aae3723aea8e9fa825e3a27a88531e74a5c15d18d931310bc5","ssdeep":"384:3Mci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJs:3Mci408FFnJrIjE3D/OY2E0xqpc1NKkR","tlshash":"82820ad0e2b4f7a642e86add80392074f2218c28347dd0f1b6b6edd974664cac56dd37","first_seen":"2026-02-24T14:23:51.416772Z","last_seen":"2026-02-26T17:03:57.901098Z","times_seen":4,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/index-yvd_ZnLz.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/index-yvd_ZnLz.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"26774-4VQ3rXaF5h+HKJ0UpMi2xQnnN+Y\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hIM0xDiE9LSxUKdHvgmz8urZK0oK7wg6x7v%2BSTUY%2Fsn87PC2CCQzpOKjf2588XGKX%2FjSBcLtU6wr8v%2BaMY%2BURiYu%2BwOeo6F%2B%2BXgMAT2RGKly\"}]}\r\ncf-ray: 9d404655fa80e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1fba2e1c245c140f4c56b555946eb95d","sha1":"e15437ad7685e61f87289d14a4c8b6c509e737e6","sha256":"e2fc3b5224d0d5e9cf9b6055ec32b340db14dac24312e4652c31eea4484784f8","sha512":"1c97606c460c23d83456ecc27d5ea0e862e10ca933a194daefa3f4c75c665b128639821faccceed7bcec42921a1ec987579acd0f0894019b9ec4dcba59eba281","ssdeep":"3072:m1waIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:MwhFHU4HNwFH7MoOWexZFHV","tlshash":"bff34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-02-24T14:23:51.093868Z","last_seen":"2026-02-26T17:03:57.73553Z","times_seen":4,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FacebookTracking-3dL4n6uM.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:55.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FacebookTracking-3dL4n6uM.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/index-Dm17uEDJ.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=1772117635494; twk_idm_key=1j_Pbe3wZINlDTDhzscRH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"2a8-IASiAHvSjivV5cscT/+MWf6wyak\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5WN1NItKt%2FlwpPuvs8yvRSXrZGfzI9Yf8FxeW1Zd5Sio4Y225n7I8pHU81RFxbbBrhu8pn1sfFW5AsghRtDsWaYZTybrwZMx7F8%2FKzuRcIPd\"}]}\r\ncf-ray: 9d404657db23e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"140e6f6f98e0fa8d3b0be5a3a4600dbc","sha1":"2004a2007bd28e2bd5e5cb1c4fff8c59feb0c9a9","sha256":"86621dcf5dc5a1b34c4539fb729e72c42ae3fe9bdf8eacfea3b3313b43b7e3cb","sha512":"75615ef7f6a0e1a3bf5d09e5d022ab408abda5aa2632928b514b1bea7824cb439a0025caf9ff607f42016b5a64e255803a8b012cb78879e66cfcd15099850c41","ssdeep":"","tlshash":"5a01fe0f2c45b479167c18b8d3bbd8142aba990a258b45a5c6c7c9b92a24546848db8d","first_seen":"2026-02-24T14:23:51.217193Z","last_seen":"2026-02-26T17:03:57.815026Z","times_seen":4,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/FeaturedGames-CmnWY5V8.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1ee2-MZScdHqs3XQ2DULFve9Ti5sbHvc\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kfojBGDH9FrgeCLeOrVnyJjFz3tZzbsPqMah08ihAt3j6dVNbUpqDsmHrR6Kq1julKpOriKyfBYJrHZOk5JholjZ55O720TzvYfiBND7kyrt\"}]}\r\ncf-ray: 9d40465b4c61e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":7906,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7905)","md5":"e24344281a7fbd4a9713273199c71772","sha1":"31949c747aacdd74360d42c5bdef538b9b1b1ef7","sha256":"cd4bbd4ac6d8c15d2e0161bbf733762f872971bef3f330f61722203fb0709294","sha512":"55516c7b75aac53acd092be82e3812ca3ed64b29355dce7d9867795b332110debbee7d5f7a536b5d6e1df37f4ac737357bf55bc82e733d0934768b6de87b77ec","ssdeep":"192:DjWt/Fh/fNHPEwDG3Qo62p7c0mhcMO/b2wL4Ula2yjRC:vKtHP4Qozp7cjhAI2CY","tlshash":"36f1ea0ae010fa7de63b49e7753f6104f47a06d4e7150890d0be6e2919e5246733ef8b","first_seen":"2026-02-24T14:23:50.903051Z","last_seen":"2026-02-26T17:03:57.839197Z","times_seen":4,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/SmartMarketEvent-CIsZCpQX.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/SmartMarketEvent-CIsZCpQX.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m-galabet1123.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"323-72zIQ/YxcmEEcwD4YQB/NBtjDF8\"\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nvGhKq9DxdhHgcZ2CN%2B2WkBQ%2Feu54ReadWd6LVFYKdzSVQdxpiDa1%2F3N%2BTGt7zUgS6XmDtL7sUKa5XlVjNyyYk5boOZUdh819vDssUA8y5zJ\"}]}\r\ncf-ray: 9d40465b4c6ee0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":803,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (802)","md5":"f3521a316d53fa50c2e0381363feea63","sha1":"ef6cc843f6317261047300f861007f341b630c5f","sha256":"9a19b1d16ffc3ae168cc81796555a5a30f33875120447d64b6e5bf0d1f1cc0ea","sha512":"cddae7eec47f003557983c216afce6b7c676027eaff33b7433724e29a41398528363ed9be78486b068174c44719c49ed394238ddd2e816b53e04addce34c096b","ssdeep":"","tlshash":"3401d0a6e85172720072ccbcd2109b43961812d3cb710255dddf8aba7bfc86e939df19","first_seen":"2026-02-24T14:23:51.208759Z","last_seen":"2026-02-26T17:03:57.767639Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m-galabet1123.com/assets/HorizontalSportsList-BjU3O27Q.js","fqdn":"m-galabet1123.com","domain":"m-galabet1123.com","tld":"com"},"ip":{"addr":"104.21.43.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m-galabet1123.com/","date":"2026-02-26T14:53:56.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m-galabet1123.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 14:57:56 GMT","end":"Mon, 25 May 2026 14:57:55 GMT"},"fingerprint":{"sha1":"0D:50:7B:EE:24:EA:55:02:72:9E:19:FF:B7:BF:6F:45:0E:B8:2E:80","sha256":"50:BB:65:0A:90:53:8D:1A:05:FF:67:4B:42:77:C6:A1:F5:01:19:34:58:94:16:A5:6A:3A:56:E9:71:26:27:8C"}}},"request":{"raw":"GET /assets/HorizontalSportsList-BjU3O27Q.js HTTP/1.1\r\nHost: m-galabet1123.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m-galabet1123.com/assets/FeaturedGames-CmnWY5V8.js\r\nCookie: _immortal|user-hash=yfSWZ1KqSKzvJj1wSnH4Yj0bHdp0_KRrw6Ho; TawkConnectionTime=0; twk_idm_key=1j_Pbe3wZINlDTDhzscRH; twk_uuid_69345a05c4e6ba197aefa96c=%7B%22uuid%22%3A%221.92R1qCgyJWowz2iTiEpRwBM0xZehlrdmh8bxgIdk3R7rbioXvAdL6Ij0M1frbRAs6Dh30m1oA1FRvNd3M7KvvDyVS879Xvfp17FFvDm7hE25401h5GP6zS56Sncq%22%2C%22version%22%3A3%2C%22domain%22%3A%22m-galabet1123.com%22%2C%22ts%22%3A1772117636060%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 26 Feb 2026 14:53:56 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=14400\r\netag: W/\"1a6-YTA3AQ2rCHd3qJdFAsedkqFdPEk\"\r\nage: 0\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mf8vMYQT7baVccQwbv1SOHvDrU0Pj3oTyLtPqOusDr%2FARMWrDEd3WegDppXf7CUIevgzFmuJpwfzEsk00HEIedi17hYCeB98Jg080w2mc4EP\"}]}\r\ncf-ray: 9d40465e4d70e0de-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":422,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (421)","md5":"c73fa28cecd62ba3c31d6201e137d6a0","sha1":"613037010dab087777a8974502c79d92a15d3c49","sha256":"83b5ad3b3f3e009497b2dbde83af71ee19ab265c0027f0fb23504d2a209d2526","sha512":"5d6444f570ad2e892840f2e46a64d2d908a6989a8f5560eb63cb2058bef99bc9789030b9222e2f664de865261633e807a77b8df2f43637ec68bc118d8a3cbbbd","ssdeep":"","tlshash":"44e02bc6dc618af45a2b88efb95c24846112047cef47a671d29492281b7408bf62d04d","first_seen":"2026-02-24T14:23:51.203754Z","last_seen":"2026-02-26T17:03:57.739299Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"m-galabet1123.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}