{"report_id":"43ae49fb-3a18-4e5f-ae16-e98ed5b8d2c5","version":6,"status":"done","tags":[],"date":"2026-03-30T00:18:45Z","url":{"schema":"http","addr":"gallabet1066.com","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":0,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"final":{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"title":"Galabet Güvenilir Casino\u0026Bahis Sitesi","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gallabet1066.com","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":0,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-04T00:18:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":9}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"dataspot-bucket.gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"dataspot-int-bucket.gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.livechatinc.com","ip":{"addr":"23.36.77.179","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":36142,"first_seen":"2012-06-22T08:37:34Z","last_seen":"2026-03-23T10:39:58.103915Z","alert_count":0,"request_count":1,"received_data":103467,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2026-03-29T22:42:45.780712Z","alert_count":0,"request_count":5,"received_data":2701140,"sent_data":2418,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-29T22:20:07.848058Z","alert_count":0,"request_count":2,"received_data":5296,"sent_data":931,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"dataspot-bucket.gallabet1066.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-03-29","domain_rank":0,"first_seen":"2026-03-30T00:17:43.240555Z","last_seen":"2026-03-30T00:17:43.240555Z","alert_count":6,"request_count":2,"received_data":0,"sent_data":1490,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.recaptcha.net","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2007-01-06","domain_rank":7582,"first_seen":"2012-07-11T14:32:37Z","last_seen":"2026-03-23T11:06:08.346109Z","alert_count":0,"request_count":3,"received_data":99268,"sent_data":1884,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.segment.com","ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"1998-07-06","domain_rank":9348,"first_seen":"2014-04-11T12:30:48Z","last_seen":"2026-03-25T16:50:38.836186Z","alert_count":0,"request_count":2,"received_data":111164,"sent_data":958,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"galabet.winwingames.io","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-15","domain_rank":0,"first_seen":"2026-01-16T16:03:38.346691Z","last_seen":"2026-03-28T21:31:28.204137Z","alert_count":0,"request_count":2,"received_data":4042,"sent_data":950,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dataspot-int-bucket.gallabet1066.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-03-29","domain_rank":0,"first_seen":"2026-03-30T00:17:43.243236Z","last_seen":"2026-03-30T00:17:43.243236Z","alert_count":3,"request_count":1,"received_data":0,"sent_data":749,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-29T22:16:18.281815Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1098,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.livechatinc.com","ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":29526,"first_seen":"2013-12-20T14:27:35Z","last_seen":"2026-03-23T22:39:45.742119Z","alert_count":0,"request_count":2,"received_data":7199,"sent_data":1226,"comment":"","tags":null,"fingerprints":null},{"fqdn":"explorer-api.walletconnect.com","ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-12-19","domain_rank":466611,"first_seen":"2022-10-10T18:16:28Z","last_seen":"2026-03-27T01:21:15.031255Z","alert_count":0,"request_count":8,"received_data":461569,"sent_data":5074,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-29T22:23:59.734728Z","alert_count":0,"request_count":5,"received_data":1796136,"sent_data":2495,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"events.eu1.segmentapis.com","ip":{"addr":"99.80.126.176","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2018-07-31","domain_rank":186340,"first_seen":"2021-08-11T00:43:45Z","last_seen":"2026-03-26T04:37:52.159631Z","alert_count":0,"request_count":1,"received_data":261,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"crm-lib.fasttrack-solutions.com","ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-28","domain_rank":1905587,"first_seen":"2019-02-04T20:13:24Z","last_seen":"2026-03-28T16:05:26.210528Z","alert_count":0,"request_count":5,"received_data":2904172,"sent_data":2421,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2026-03-25T16:51:12.192335Z","alert_count":0,"request_count":2,"received_data":2114,"sent_data":1052,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"vsb51.tawk.to","ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":928167,"first_seen":"2020-04-04T10:02:36Z","last_seen":"2026-03-24T15:18:43.019549Z","alert_count":0,"request_count":1,"received_data":417,"sent_data":1080,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"gallabet1066.com","ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"domain_registered":"2026-03-29","domain_rank":0,"first_seen":"2026-03-30T00:17:43.233293Z","last_seen":"2026-03-30T00:17:43.233293Z","alert_count":600,"request_count":200,"received_data":6825643,"sent_data":144846,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"icons.galabet1063.com","ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"domain_registered":"2024-04-26","domain_rank":0,"first_seen":"2026-03-30T00:17:43.234663Z","last_seen":"2026-03-30T00:17:43.234663Z","alert_count":0,"request_count":54,"received_data":7671757,"sent_data":27045,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"embed.tawk.to","ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":52083,"first_seen":"2014-03-19T21:03:49Z","last_seen":"2026-03-23T03:51:07.565074Z","alert_count":0,"request_count":21,"received_data":1112314,"sent_data":9579,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"va.tawk.to","ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":51316,"first_seen":"2017-01-30T04:20:46Z","last_seen":"2026-03-23T08:35:22.773834Z","alert_count":0,"request_count":5,"received_data":7872,"sent_data":2610,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gallabet1066.com/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":true,"md5":"223b6693eed40a304853d3f3d3960cca","sha1":"29527739effa7543cea383e1abd210e6625d4203","sha256":"3c97397fa89fec308ef0a3460e7c7c35e7ccb0673bfd0f3fc9ea446e80ebea40","sha512":"54f9c1566e69808c097dcb81b7f4035c4e38c21e37e4c9463d1b308ab5bc3c70faac197e780225066f0bfe60429ee7108694298695cd4dbc03fc8108d481debc","ssdeep":"","tlshash":"b951448e65b1b2b327ab20e48f8b3095603b9657100ee511f5dc4b44bfc224ed3679ed","size":2698,"data":"","first_seen":"2026-03-30T00:17:55.509406Z","last_seen":"2026-03-30T02:15:03.323535Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-B4qfN096.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"36f1468e9eea272b887839dab2239b22","sha1":"ea0abc0ef5f84566ac7bf5ab2d20c797f8607558","sha256":"f5f2b44ea4fe7d11481b31e95fa9b90b402d5ee49056225a19579bb43020f47b","sha512":"49616184f0316ed4fa29b102fe03b35c5069da423c1b3c47edd4d88c9d166c1cdab78872d2cdc30feffc242969b01bfb5d6a3e9aafb6a5ea389ba052e5859578","ssdeep":"24576:OyOgWT+GeNs1/FQpkdUDk2YePx6K2GVvbj+PZYv+kfTLmLEb:OyOgWTzeNs1/FQpkdUDk2YePx6K2GVvT","tlshash":"b8357d85b145b9799bb709e560af0006b1391e00f40dc8a0f57cddad29bd849a2b7ffe","size":1131563,"data":"","first_seen":"2026-03-28T16:05:39.73334Z","last_seen":"2026-03-30T02:15:03.32905Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DisabledMarketEvent-PQcjEpks.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"b245926e1ff60383c327a303aea22c89","sha1":"cf3295b5e706885559b46ca3035913b632440271","sha256":"238373733a1f30665cef616522170ef379b7211d953a8ea2a3a4e498729de4c1","sha512":"9c418152bc8d65bd49c3edd01dd4083d260d591c8bc653f61417ac683256f509abac0ab31262eff233e8b97cce1235a5bb61e8d309daa67efa879f5cecdb5699","ssdeep":"","tlshash":"e451736db290fa3c993604dcd27f1f1b701916a1da660592e0be4d38154c09e35aefea","size":2717,"data":"","first_seen":"2026-03-28T16:05:39.552659Z","last_seen":"2026-03-30T02:15:03.141193Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.179","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd510b4b92c4565876eaba0922be31c1","sha1":"d5cb474672f30fb40b2890b9997489ccc4959ede","sha256":"4867e627df680a89fbfb6f12e0d0d7954c66892b4ed298ea00ff6edf9458e233","sha512":"11cd053e8cd60076b70d6cbc0135fd555b6c7066cbcb380b11c61ffb5b99737d202de4706d734de5aef57bfc8758ed55d810a813d7b045bcb5f906fc4d5c6468","ssdeep":"1536:E5yeuRri7fZnapIckNteu4RbyitiBwpDwLmkojkvRX2L/e:E4euRu7BLqu45yw3kvULW","tlshash":"d5a328d67282b03493f785e7a17fa216b33a191c740d8410f17cec6a396a9879177f2e","size":102724,"data":"","first_seen":"2026-03-26T10:47:24.35031Z","last_seen":"2026-03-30T09:59:39.353304Z","times_seen":338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/global-mapper/lc_license_id/19330347/region?jsonp=__lc_region","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b17346aced6298b7e1cadcd62f40003c","sha1":"c28b849fff4b4d9d006d803bc4d18368446ddce4","sha256":"a379b1707064386da00957301b6eb053249cfb462047d44e4fb6d52898f5b78b","sha512":"93be3c00856eedc8cedd0c7bd2b2a5873aa85dcf9e893d9e972421d122c568cbb1c9b4ca633497bc80900f688898040a218616dc69a4716fcd3d5a2dc93fb928","ssdeep":"","tlshash":"8080000e20002ae30a20ef3e8023ec0cb03e033223008288c302208228002b0822ae0b","size":35,"data":"","first_seen":"2025-05-16T12:26:33.454661Z","last_seen":"2026-06-08T16:18:50.73373Z","times_seen":27953,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"25968e8050b03a228b4d547826b098c6","sha1":"b15ac3dce03be69ab8e198afebaf9cf761cf9da4","sha256":"583e20359cfc6a64154b601fc47309be1e57fc2b89434d8a7649445fc66af0fd","sha512":"d2256261787b021c3ef34b69e3509640f04abd03353b7dbea1d8f07211764770e8b0a4a1ea015475e3c326d1fc797d8191b87834550309076754f8b1213dcab0","ssdeep":"","tlshash":"89e0f1e77817486a749f01bd6bb5902431832119640dc922fcfdd4241f60693cc0e88c","size":435,"data":"","first_seen":"2025-12-24T22:39:16.413128Z","last_seen":"2026-05-22T17:22:58.341014Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/69c8f7f605c7ed1c37642349/1jksgh73g","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"94a4bd340dc6119788751c6a95f18ca2","sha1":"c6f23b354a088c909d7aaaf0652561b672650884","sha256":"ee0b8fe37c4386603e789bc7d14c90a3e6f8804f64be931be235b9f90d2c8033","sha512":"4536b60bc7b905811dea575e64c834a051ed275d05727d9073a77134d83d4c3a4f29ebc6dcf06235becee9bd76fc89e906a90537e1b6226139a52edb9742dc01","ssdeep":"","tlshash":"5941edea5b4f1c56b22410d90ebef90ef47220e749da5892870c085272657ad2f8ee38","size":2123,"data":"","first_seen":"2026-03-30T00:17:55.400438Z","last_seen":"2026-03-30T02:15:03.168045Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ecc9e5cf090bf5602a01763e2895acad","sha1":"1d07eaeecb0a31f0d95363694e803282518f81a3","sha256":"1cb6c04d780fb838f64fe8bad72bbc16ff24e2466f9ba3123471321f8342cc0a","sha512":"9ace38dcdfd09222ce1f2536d8e4acc781b0055d6ae35486922b86baa540befc98bd9a5bc67bb00b0ef09b9da16ec97b1fe3b2b676b1403cde8eb2c13981870b","ssdeep":"192:0CFny7CpmxwbZlR1cwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mChZlRNr40v0GF/LvV4hwsR","tlshash":"073295b7e0a1107ea316871c506fa610f61f6c8ab2161da6b67ab46f900ddcfc065f7c","size":10938,"data":"","first_seen":"2025-11-28T06:07:28.918411Z","last_seen":"2026-05-27T07:42:34.869974Z","times_seen":26442,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","size":53530,"data":"","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-05-27T07:42:34.882187Z","times_seen":34008,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"79b4aa69d45c4b43f0b31fd971b1bbdd","sha1":"77122463966366aaa969b55f404af7903b9d8f86","sha256":"34b9a3ffbb7a87b04fe51abdb665588b82d1e5fba4cad27b6d6518228d20c2b5","sha512":"6bc666c4e89838ba9d62ccba15b642154cb69eb86ac22585e64e11eb0bca2ebc710c3c5cf8993a99aa85035e1ae44d566601f6b7649e7d92fa3d72a2f53f252f","ssdeep":"1536:BigMTWFu196wufn32jGDdgaOFUWbaGlDluK1MFY7dZPkx3u4V5pfYMrlSf:4nmuTilGhmPx3u4V5pPrlSf","tlshash":"36a3096ef091b47d8993d26120af3212f3363d55a919d0a8f234cdf859d89c9a127f3e","size":106023,"data":"","first_seen":"2026-02-19T03:13:10.618029Z","last_seen":"2026-04-15T01:21:42.737131Z","times_seen":8426,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FacebookTracking-hUyPiv-j.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"329b46df00ba81e577a706e48b1ea8b6","sha1":"6803507b12eb1d49401c2105daee852b12599cdf","sha256":"b83ccab6618c28370253e9678c6421f213cdf215b6cfad2058730d6cd2aeddff","sha512":"080bea66c63b2b2aa1116ad04256965e843c9488fc15cbb5d1191fd9a84d18afc2fe86a516b0711f79aa4d2ff78ce54650ab05151b2d9c12470cffaadb26f048","ssdeep":"","tlshash":"3601fe0f2c45b479167c18a8d3bbd81425ba590a258b44a5c6c389b52a2454a80cdb8d","size":680,"data":"","first_seen":"2026-03-28T16:05:39.419123Z","last_seen":"2026-03-30T02:15:03.124178Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/InformativeWidget-BeeJfdic.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"cc3bb3dc26cc413e8130530cd33f1977","sha1":"46764917e47719272edcd1c3878b712222a97704","sha256":"700ac463afa61d312192241e608e724ca8b1378064d91ea45125dfefe02ce965","sha512":"19cc0aba25a81433479e695d99f206516d25750b2caa871d562b1bb00cb854b3d47bdb7519e503fd406be62321bc8d237202739db9e1e45ece7909db85698509","ssdeep":"","tlshash":"bb117986f590d6bdb0350dc44217909579312ed4cf39d4edd8b13004a87450bb6db7bc","size":1087,"data":"","first_seen":"2026-03-28T16:05:39.574196Z","last_seen":"2026-03-30T02:15:03.13277Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/jackpot-jNbP6Duk.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","size":376,"data":"","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-06-07T06:35:51.65736Z","times_seen":99,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"932d1c008400401a55681904391c206c","sha1":"7cc9f4d6461805e1878406a830a785ed08d9adbb","sha256":"24cbc4e4b2c15b32036fbb84d653cb480e0818fda8318d2a806d8c3e8666dcdc","sha512":"06be73e2b9709f0164075b7fe30d5f2c03288af4d97b5eac9c0d77cd04b238efe0bf6dd746c6c9063b2f2edd00fa981d58769f76a1439687e7b0582a4d78167c","ssdeep":"","tlshash":"b421d6e238630473061625f7a93fb188b479341e2e0dd821c04fd9a839a9fdf81a3a08","size":1405,"data":"","first_seen":"2026-02-24T14:23:51.476805Z","last_seen":"2026-05-22T17:22:58.331427Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/tr-D5SL2RUn.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"3abf0a5430cab7aa01adf0e7c0166bff","sha1":"d414bd206f1dad3a73c1b996b6d0499ef31880ed","sha256":"4848b14db52c1881d2ab6dcd2da96487bf4cb8a0efcac7cce0985707b1510586","sha512":"ae6956e4640909e6186e53a223a9b897c16190ef91601521f9207accb33f3408fe6e8708aab120f63462a4d89619b52e9f0f9eac879b1b96dc627114598f5aa3","ssdeep":"","tlshash":"a431a44c2946eab287015987882f1f04f81d2b087036f1649ba0c561bab09ed807eb3e","size":1459,"data":"","first_seen":"2026-03-28T16:05:39.464196Z","last_seen":"2026-03-30T02:15:03.222285Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0da3af.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ac4b41bfa3079e73da08ba512cca2e3","sha1":"28236a6e21a500f8eb1fc0804ed1553f4b7fdcae","sha256":"b6ca684b4ef298f79d931ea40f8c3b597bd7e8d892a21e7cfc756cb3215792eb","sha512":"8fc4f8a4242748771f8a9220744ad1a1b501fa381ccbea978dc7062afee4c8788f2ad79a74572020146ce13610abcdba43f005cc36a2a455eb2d6a226a689f24","ssdeep":"384:UJw/U5YK8Hx9KJsThWazJbUZDkM0kWEYPk6F+UtKM5eH:6+9KJsThWazJbUZDkM0kWEYPk6F+92eH","tlshash":"9052c6a7b2a4782d42379712308f3205f33b7d45b215da19f36edcea4aa84c16056f3e","size":14213,"data":"","first_seen":"2026-02-19T03:13:10.683375Z","last_seen":"2026-04-15T01:21:42.644883Z","times_seen":7903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DepositCountTracking-BPbMtZMQ.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f72be59fee316e116a7779e14bedef0","sha1":"30b3eae931e72896a74ec79159f38567af5fa8bd","sha256":"94c6db9a68566789952d6cf2d49611c60e2d357b6cd92631d910a4c02c1c0630","sha512":"6800e85fd482a755881dca2d86fe733dbc0f3ce9dd994c50ab54c3670284bd1090e1a2748bb6bf314ff4bf1f952d9bb3efb6b10acd681231b83a20b28b562769","ssdeep":"","tlshash":"c4f0029728b8d2f589493a8072c7a8f373f1791cb907c4c785bd4d56020d406e5cce2b","size":645,"data":"","first_seen":"2026-03-28T16:05:39.535611Z","last_seen":"2026-03-30T02:15:03.186913Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/StatisticsOnHoverContainer-C5ct3o8W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bbccd110fd24fbdb20d88ed9988b15a","sha1":"39c22630a12b61c951d3285dcd21eae5d8abf9d5","sha256":"2c262ba9bcb6e1f451dbe9b654c5deed31c4fbc060defa5e91afc8ddda8b91f6","sha512":"9cd6c3ddb9f231ba023f396d54db9659091f27065cb6ee57d10150634185967e554433562337e36a356bcfecbd31df9ae55b1474148633c8cce0514146af7e3e","ssdeep":"192:kn2zkXAsarXDxLwxGEE0D9AOgzmxj/e0R:kBParTxLwxGEphAdzmxj2q","tlshash":"6312746c118e5f69f41a8240b4202e35bb3a3877958d66f8bebc451fd3ce444bb9cb18","size":9780,"data":"","first_seen":"2026-03-28T16:05:39.490323Z","last_seen":"2026-03-30T02:15:03.215079Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/NotificationsButton-Ch9T4mRH.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fb31f00e52440a0d2c363b9e2040e4b","sha1":"b3cc1083d243295dd12636e7ea007b4224012679","sha256":"6d9ea89253e66d4d0923f3284d0541cca09b63242f1d02c4767afaeb842df94b","sha512":"2a6ba46d4496de9896989cee8ea4ff0536632bee7cd723452e89e5ccab344cc446f1b05b70712759aa0ec943b29ed46f1be5b36ef57895a30da6554a2ecdc485","ssdeep":"","tlshash":"26f0208be9a8d5f51b824a21622b9016383b6d3cee0b548004a62ca9173401ac58fb9f","size":558,"data":"","first_seen":"2026-03-28T16:05:39.407956Z","last_seen":"2026-03-30T02:15:03.184898Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DnlcLyxn.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"11f328f79eabc9a081454a4b6686ade3","sha1":"ed07f739fbe2ce6a2af7b39b8f0e94f710f4a92d","sha256":"3c4be5a5ce6a35ef80d0c50e62d17f7b3f8b9fd6bcad633e674d59c7171a4d8b","sha512":"edae2ca5ae3917f42f6560d574795d1a571f5eb2bb3f28e36ac5ff5fc7463295cc032749e623954d42057d936474b91a2539873922e8760294e12adae834cf6a","ssdeep":"3072:mBwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:owhFHU4HNwFH7MoOWexZFHV","tlshash":"74f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","size":157556,"data":"","first_seen":"2026-03-28T16:05:39.489438Z","last_seen":"2026-03-30T02:15:03.212531Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/AppSettingsButton-CfXkhn6v.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"653a6c78a5c695035a2fa54b981e56ec","sha1":"e7e6beac6d97f6d7632063b49bc70238509db04c","sha256":"236c29c32028da8a9e87ecd43072b572d2ea5aeafa32f4e008589050bc36234e","sha512":"5bffa0e360b9609096c590a377a40479341d6eb039c8910fb5ac184474300aa5611cda1722fcfe3907d47acb3298301fee34846d60710184601296f0d23e7034","ssdeep":"","tlshash":"4ae068cb5092d2fa07911ad2c10b820639566c78c345951180b865b13bb8586828e77b","size":385,"data":"","first_seen":"2026-03-28T16:05:39.457303Z","last_seen":"2026-03-30T02:15:03.318917Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"47f1d935aa62737ca7d59323b243d7d9","sha1":"15621c1748fc0a22297f0a3ad7ade7695ef3d21f","sha256":"53a9762dbda47069570d8fc45d84fd868cbe9612d4bc2476cc4422a439d58083","sha512":"0264adacde0b99e6d4465c99695d7c048b3cab082245c26cd41759c86e958ed787ba25e9b9f8f96fedb46a299a26f01fdf610f2b575d22d2421227a17a0100e8","ssdeep":"768:O6gL16X4i77geI8nuScsPpkYaeWHXtQZ1a:OXxxifgqnuDUkd8a","tlshash":"d3d2fad8f652b03952b270f4552f151ea2fa3d62ec0c289cf050c6d53eb099aa16ff5b","size":28674,"data":"","first_seen":"2026-03-30T00:19:06.838503Z","last_seen":"2026-03-30T00:19:06.838503Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e63p1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ee5c4888e06770b25ca0aceae0c1060","sha1":"85fd0aaaab5bd312bb029f58f75f2f2434d0d419","sha256":"0621b935ed503f3ba72241d05e8470bcb1ad3df542dcb27c3eafe50a9c7c0fd8","sha512":"637a0df2c1df964966673aee8e3a648265d94d2d3bf04c9b5ccb7fa803b76462420abdd42ce3d42878effc7704d475dbc0691dbfe4403cae987742837c74ea43","ssdeep":"6144:drORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:DCEfJlbIY8CmOp0","tlshash":"f0a40aceb3d674625296e478903f01cba57b29e2b44cc8a5f189cce02e7465a4277f7c","size":464727,"data":"","first_seen":"2026-03-30T00:17:55.401543Z","last_seen":"2026-03-30T00:19:06.824022Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/firebase-messaging-sw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","size":1125,"data":"","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-06-03T04:20:31.962446Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","size":1000,"data":"","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-06-08T19:38:41.30163Z","times_seen":43759,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Firebase-BQz29U-S.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a7833f78effa1f0d98fe711de9bd881","sha1":"f51570b57fbdd094da0beb311a9741b9d8cc00d3","sha256":"8825b8e95295627a01f597a16173b69bb346e64bf7873da5559e040cdf4cfbb3","sha512":"13c3062da50f0a48a04bf9caf38f787770a31e92d27d6b4dd190d16ff04025f4e90e8c569c86bb350c5757bec0b7251bea5a03e2ae7df3fd8dbf5d07075dc0fd","ssdeep":"1536:N4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Ns1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"3783957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","size":84095,"data":"","first_seen":"2026-03-28T16:05:39.472649Z","last_seen":"2026-03-30T02:15:03.120027Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/PromotedProductsWidget-ZLuvwdOu.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f3434ede25de2187b46f0f1315f2451","sha1":"0dc0fa5534dc32d81a97b26c1a040f810fc95748","sha256":"e4d84411e81c6fe569f5649ce9a0c60e62f314f382054a2680c206eea2a616fe","sha512":"35d16f7c6f9a36eae2a7eec4dbe7bec5f38865df0e16d184e480cf91e6555f5a2758b349471389bc769eaf68a8504fddb838fd7f370926dcacf5b5dafdf581d4","ssdeep":"","tlshash":"164164c2d834b3b9f63e1cec224510893c267d18c96549a560b77d26a13d812bb57ffc","size":2125,"data":"","first_seen":"2026-03-28T16:05:39.582941Z","last_seen":"2026-03-30T02:15:03.208861Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoGame-ttw0yr5X.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"89bd8d536c7bd7bb8a6e3bc68e410f81","sha1":"2b72262da87021d6c73ab0286178b33d7ad39b82","sha256":"1fc3bdb84baa35b6847cdbda7954fc6b75a10840a339c14d9e50c655d105e422","sha512":"5bb883e7ddcf0609312bb04df9ce21fdc40850324eb07d3fb041e351ec9c7bbe3b9f4635109f84f387f627f2e5ea68604694aefea2f65662ca62886fc4a277fb","ssdeep":"96:j/1bqI2i+M36ZhR+hoEYxF+OZZ9LWQiN8M+xn5Z9gvWwBVlLVdNRK:zNqIF340T9eKQiN8FxnBcLVdNRK","tlshash":"fac1a549e024ebbdb83a48d9986f102574192fe1de198075f47da839313c11db227bde","size":5870,"data":"","first_seen":"2026-03-28T16:05:39.587003Z","last_seen":"2026-03-30T02:15:03.187727Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/usePriceChange-BUWblRaB.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"6c60da2f36cbb5113e240c4511901263","sha1":"099a076b77c9f0a7167bfc96d85d1288421d160a","sha256":"7ce97772d8642a6c697a506574df8b8e8a7d5901e7426c0dbbf4b8bc4ab51514","sha512":"c0e39a25d56ffe6f51d20ad2f19a0eb5b1bd486eaf25f50c05d3c60d9ad40d89cdf64f675e0a650adf78a3b5efa62772dba7f96105ce56a9c61b0a8a550c1912","ssdeep":"","tlshash":"ccf05cbd14901823545f0cc4c26485572fe52ad56bbec31eb230882d37589af06aef66","size":470,"data":"","first_seen":"2026-03-28T16:05:39.423122Z","last_seen":"2026-03-30T02:15:03.22844Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoJackpot-RsiXUbiX.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"53a0885d32acbcda504a24d95c4dfb26","sha1":"9ef3fb6695c8de3862eefb6a85b17a0a6cc50510","sha256":"ab8a43e82cb7803d2beac172aad50c08063613c2d5567d3212871248c8ec6eed","sha512":"f37e92ed0c8c2b712c67a4fab882b90a929392a36599c01ef35c1eac7d1c8dc2fff4c7590dca78a6b2884c292aafdafd8658f85019185e830acda44cd240a768","ssdeep":"384:eam6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKxV6TSPFFWB:xmB7CEGOpyts/UofB","tlshash":"00525c05f012b7edbca954f7487ee0297a5e1aa9c71808bcd1bd6c313d2c855760b7ac","size":14339,"data":"","first_seen":"2026-03-28T16:05:39.433214Z","last_seen":"2026-03-30T02:15:03.140279Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fgallabet1066.com%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__a91tp2l43a","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"e48e8c20b26fc6d2c37cb114d795e23a","sha1":"3d13f71d9d8f6addf4c0c0e1c34593d73f1e25b8","sha256":"3f55eaef950218f72fff0d17c33b055f4e4442cc1f77f0a70954b2987ce318a5","sha512":"b6db654f7d9995dd36ec63235c6a103874999550a88aaae8cfe2c40a50daec933e4e0cf118fba4314a5d9f1c2a14177634c801fbbd100c176bec91d76fe893a0","ssdeep":"","tlshash":"ebe0f16361142674d6c8e3bd8400674278700a97410495bcb56e0240131b7ceb314507","size":390,"data":"","first_seen":"2026-03-30T00:19:06.834829Z","last_seen":"2026-03-30T00:19:06.834829Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/lodash-mq4f_UMN.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"f8720f0f29964a56710f60e77afd1621","sha1":"62a973c1bcad1ace8e7e59140381c3c58ce6884c","sha256":"e2edd84139ebd5db6d21a8b18f1235348ed9cf7c046c87f1aab29826cacf02f4","sha512":"9e98a629a56bb137444cb533005b46482afda1668df60a44ddee9a038a9af57677cbba38e2c6413a089ce14ed9459814b5c7705dd5ec25704c0e8be0bd23f3a9","ssdeep":"1536:Tit6Yc+cPLTG4Z/e1tR8LWqpx7E6GyT1SCeES3n1dPdy0D5zKKif78dqHQ3DKmLo:TAcqwWq6yT1EedNHYDKmRfKMa","tlshash":"76f3a0c835d7f4a183a7287440bf084ff23dad65a84cc550e1aae0dd7db89298277e6d","size":165288,"data":"","first_seen":"2026-03-28T16:05:39.430528Z","last_seen":"2026-03-30T02:15:03.204731Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a80458f958682aaf13b3101ac1521ca","sha1":"00248f900da57ef5899070954d48efc880aa87ec","sha256":"eb45d373608b9d08974cbf6d1056e66864cbd70882223b92dfec7bc972b58e0d","sha512":"0e07286342d917656ce8febc219f324b9161cb99c0a203d6f3c1ab17f419b876cb03745cc42803f43bb10a0a68b665c986231cc266b7c6777757d1c5b9aace37","ssdeep":"1536:h2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPGAV:YCaSlx5xG7NU+WEy1bPJv1K/XGd","tlshash":"fba34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","size":100978,"data":"","first_seen":"2026-03-28T16:05:39.390509Z","last_seen":"2026-03-30T02:15:03.158668Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GoogleTagManagerTracking-RoemoByL.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fb25ba20ae4131564a868996f7359c5","sha1":"ebe3fffd8c659ea368b68676fecaf54a429a13aa","sha256":"31af8004759616dbecd6205c067386976eb69cfdb2e7a940139aad09210c183a","sha512":"e0913be626432beecdfc4dca91d3dca5ce080663bb64fb8a8346dd2c20974371a7fcece00643a3b2e31a6aec55c09dab66223bdb66cdabc4151f35ea26f47673","ssdeep":"384:IUQbKxoHovyaM6xGBYgoxNuN15pK75Q4Fr1xQkbRgywBJsJF+Fa/BmhsRboAki7O:IUIKxoHsYyNuN1zgviimywfkMF2mhQo/","tlshash":"d692a8cbf96508a0a6bc1fe81b93424738f1ba5ef49144747c6e7c0c223cd0ef2a5969","size":19972,"data":"","first_seen":"2026-03-28T16:05:39.4776Z","last_seen":"2026-03-30T02:15:03.175461Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/bookingBet-cESIhAq_.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"02808f2f70ec537c2d34e7d444109b03","sha1":"9d3b7f7cc696da2ffedb1871557f438b0b235d7c","sha256":"bcb2d7b8cd2175fc2d17f002cd0d2292f497b914adda309f5bfedaf901e4ab41","sha512":"ae1b62eaf4c5e2aab0a7f1c0c5e84019eb1906d8dcde9d26831c66f4d26fb0798bd7d89dbf71b5d85470cf7f668119844b96992c51329556aa939d91f51c5c18","ssdeep":"","tlshash":"7a71e664fd20907e67f2317df4de7b426b2c4ba871a19a40ff6b5e0841848cbb534638","size":3796,"data":"","first_seen":"2026-03-28T16:05:39.507069Z","last_seen":"2026-03-30T02:15:03.271067Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DataspotTracking-C_baP2Ds.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"75a1c183e0f0a28fd5c2cb66023a8eb2","sha1":"39495b7bb5f5f9b7eff17304c82af4ef71bb5e39","sha256":"b41c2e5c60e2c45827134e035c32cdc98b14af5a4d50251dc7e16d0cc811b739","sha512":"81cec4eeb68b02640a94e2d002400ed517caf7f83efbf755f6aaaad0b539a2f683aed0c1285a490307991192b1db274b7382f4cec1c8923291244e2c6eccc358","ssdeep":"192:0DwuqOQcaXEibcCOi1Kb0cHHnBxCHynNvuvXvqvxuhqVeDt8V7uS:ARqOQcaXEinAxCHyn5Q/0gh8k8xuS","tlshash":"8cf10655641e68bc7033c6ad0d5721a244387051e2329de076aacf6a9e3d9c28ff77cb","size":8166,"data":"","first_seen":"2026-03-28T16:05:39.491245Z","last_seen":"2026-03-30T02:15:03.149918Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index.es-Bpw37RR6.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9df61dc2ccde4dfd054c6b9af8c5e06d","sha1":"f8c4a77d42ba76911290193895b4a3627fbb2a76","sha256":"6827f8b04575955fc94d485b80aeff36fbe2160547ae41fd21390865ccf765ce","sha512":"4c13e2d817e98a74e9a5f3cdbb9fccbea1f35c06875c21e9a62a88c38c49e536fd3711c469b0beed5650b5de129a145e12b76ec19f88d69244cbc4aafcc4eddc","ssdeep":"3072:FzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UVh:Fz77jdU/7sJJMcvYisoljSFN1Nd6UVh","tlshash":"a054fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","size":295236,"data":"","first_seen":"2026-03-28T16:05:39.465335Z","last_seen":"2026-03-30T02:15:03.205249Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FavoriteGamesContent-CiuAoX4I.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c1fbe960c6af46770f31f974364c95a","sha1":"c5099dc75f89a8d32a350dbe111f3a4269df5a83","sha256":"2106b9535d3a8639be04578a9c8ebb498a3f07c848a834aacd58e411dddc981d","sha512":"97b1e193c606c567b7c99ca10a8600edd40d5314fd766e54ce54aae5486ef758b4fdd3290ed2ce58f10127c1bf9fcb3aab01c42b90a952b05cbb41d59a6cf75c","ssdeep":"","tlshash":"d751a50051415ff9bb8f9ed66e17d0a419b6074ca246c17da8785e3d341da007237ffa","size":2785,"data":"","first_seen":"2026-03-28T16:05:39.427402Z","last_seen":"2026-03-30T02:15:03.138643Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3166d5139ebca4976a7df164026ff20d","sha1":"d7405b66cf00d1db4dc3140d6b1c63bca60fe4a0","sha256":"b297727d234af0837389b8bcaa1e72f4d0b62cfc126a4b9bb76201c5a52755ad","sha512":"ae0db71fd045eb0b103fd15902be9eb9a72763fc8494c7eec08ec13288bb0a46f320674f46a6467ba33f3869d3c388f15a83342bbf86aa38ef1810ed930d046c","ssdeep":"","tlshash":"4390024d71877261454126ed546a1016d3354480561c0113a7010081389814e42a5b8e","size":52,"data":"","first_seen":"2025-08-01T02:35:18.735752Z","last_seen":"2026-05-22T17:22:58.325768Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__config.js?v=1774829636362","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2297f3087c45c5a7f4f6cf3b39ec5b5","sha1":"429a86e521e3e8d8f71b5e690d9cc28785dcbc61","sha256":"bc682e1d5fd213f2c047447eb35ad4d7b08df65d95f98e85eecafa59b255935d","sha512":"bbe09e6da8dc8b67d9ff376309990f31c5058aa7bf5278cf4d8014da22ac86964c60dd7c84cb186842652514910a56078e028373d4462d5ec6bbe8c4fb6a03b4","ssdeep":"","tlshash":"30d0c220e95408b60329251a54061603751ac0cf095dbd1632d0086cdf4972f4ef39ba","size":280,"data":"","first_seen":"2026-03-30T00:17:55.425516Z","last_seen":"2026-04-14T17:04:19.93023Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"77424425bd755d02077922d40a96c207","sha1":"9702eba70ac4506031d55a8c9cf6732a66853b2b","sha256":"1128f463d0038310bb65c71ee2bd50f52e40dd9dfc0489e127f3912a1aa728ce","sha512":"2ac723d6ab08dc1cf45141cc44966d9b0f01c892511f40148d785de61ac084e014799555bb3b574f6f8b78e9410df8c112fd437eafe0aa747babdc52b451d1a7","ssdeep":"96:zNC9Hqt7pEma7hY/rcKaJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYcLRIvgx43nVY","tlshash":"13b1859ef247b456c156225150ef3b1df33a281ca61ccdc8a66565f218784cba077b39","size":5261,"data":"","first_seen":"2026-02-19T03:13:10.646706Z","last_seen":"2026-04-15T01:21:42.571941Z","times_seen":8490,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/walletConnect-CiycSUBb.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","size":1998,"data":"","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-06-06T21:30:11.623634Z","times_seen":1659,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/userJWE-CvawXlgF.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"7a4eecb04a9e0fc7776ee56f4a05d7cc","sha1":"adb4113c2febbef9b3a9aa9730bd5fc596ee7908","sha256":"cd3736d732f8431de955d36348ab83aa520e212b54b62c7feb1471a9cb00e95d","sha512":"1555ae9fe9e71a92ead50dcdeabacc62d763744cddae2b2260db151c6c16ca8d1f5b1c3133be8c9ca72c784b22f67b4d03c2e42f4ab52e1423a1f797fdcd2a1f","ssdeep":"","tlshash":"3ec0c0db0cc411f7c5582c40100adc1392303d1463d9d341af1883fa7e5100ff20cb20","size":193,"data":"","first_seen":"2026-03-28T16:05:39.46777Z","last_seen":"2026-03-30T02:15:03.141885Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/SmartMarketEvent-DYGb6D4W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"9a0359779601302b3cc85b6a76bc78ef","sha1":"d2f9bf1520e5241eb859240a838f8c18f754cf9e","sha256":"abb6c03f0cf5385e809cdbc4991cdaf65ff7457d045f6d70593e95ac3b577e4b","sha512":"24bb729c19af36356788e935eb026bf89fc7132b9e962dd6d5928484f9632e9d789a8433176c8677e714bd073565c22fe50da288c99e334acf3309827791f293","ssdeep":"","tlshash":"5311e3d6d581323a0632c8bdd1109f42429c02d7cb210359e58b86f173ad4fda34de59","size":915,"data":"","first_seen":"2026-03-28T16:05:39.528898Z","last_seen":"2026-03-30T02:15:03.167529Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/UnavailableMarketEvent-BMKM2D6W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"1ab1e90471648eb242de708c80b8509f","sha1":"7e45a70398b6179c6d68e752d1abf029b19f438a","sha256":"5a2c30ba1fc70dcd7ca3229292fa56415823049898937e7a0f97286274a5fbe3","sha512":"55278ca78d7127c0bbba0dea56f6086edf8dc8a322ea71626df14cb930153417ae9247d0b24c8a2b3ae64be708093559d8e8e45f5675f4fe54e55cf863766f85","ssdeep":"","tlshash":"2fe07d096004bbf6d02518ccce3e4b4d60120ba4c7aa45c3d1b910281f34226360eaab","size":308,"data":"","first_seen":"2026-03-28T16:05:39.509382Z","last_seen":"2026-03-30T02:15:03.17423Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-MCEY36CK22","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"261c16d9255c574bf4f8c8423c51e46c","sha1":"06883eff9a7ea2ed2d973ef8d0fd090c17322a7e","sha256":"e76fa2fb5bbb6c6b12b1e770e9b4f2d3b501bf8c1307c7ac1011165edf3d4e69","sha512":"eb080754c828730dff443361b84a4ce5c6ab3f87ae38ebb24a7a6cd592949c90dcdc4e6d09ad8ec80da5f4cd5a3dd616fcfb79f9f60347d293c55d5d3fa6adad","ssdeep":"6144:vAaORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:vDCEfJlbIY8CmOp0","tlshash":"03a409ceb3d674615296e478903f01cba57b29e2b44cc8a6f189cce02e7465a4277f7c","size":464796,"data":"","first_seen":"2026-03-30T00:17:55.411615Z","last_seen":"2026-03-30T00:19:06.748739Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/gameDataProcessing-D5qIumMX.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"eb755f0c5aa5f4eec5a299d8ba09bfff","sha1":"124979f69779a74091b10ff98e551e84f17b40f6","sha256":"f7fa2ba43cf9df83777b3dcfb9479f5b276f866290d7e59bc423baf77be3e78b","sha512":"160bd3c6c8d004140373e06a4531eef8a800487da0ec8b1426d32bf01f7526bdc105e2931deea2cbcb47bbaca0ea8ce89f27f097d1c07f9740b344fbf20b7ef5","ssdeep":"384:8wphrrZxhxlVz12awqhvTXDsB4Pzenac0aw5K4A1nV:8CptXDe8QiAX1nV","tlshash":"8d72750b8a024c12c97e4639c0aa15f1b9781b32e8b8cdd51a655c7afb5fa5b31e173c","size":17258,"data":"","first_seen":"2026-03-28T16:05:39.564915Z","last_seen":"2026-03-30T02:15:03.146789Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":true,"md5":"5f6590d4410f9b76a056888193951561","sha1":"2f692c101778f439c9839521a1acbf7ace017d77","sha256":"871912070f8a2b91a9ee8d9eeab8c5dd9a77b73f08b3203d9180b89e53a5e069","sha512":"51419a681b198e540e46ad3ccfaba157818fc48f4e8a171d6d4a51d7199aca5aa9bc110b6e1c02d2777e3d1948d7256f0cb3b7083ba27b0b05c1931d0e65c246","ssdeep":"96:GsVqm9T0XexhS0cUEG0sZNqO1h3umiUCNHTiB:GKqmx0OPSg0g1QECNziB","tlshash":"9391ca99e0b766750363b43b27bb91013b22a55768c0f9853a1f07c41fd602971abef7","size":4225,"data":"","first_seen":"2026-03-30T00:17:55.519166Z","last_seen":"2026-04-11T18:43:32.574315Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":true,"md5":"01365b73d9a9e684f052cb3e39b94f18","sha1":"513c916385b549c10d71ca5b3c84927ab46cff5a","sha256":"c821c0d5e09b5e32ba8dee4e35db72d8e3d931329e47706861aecb35200327a5","sha512":"20f7fc0d722017c3a2911e238357960e90161e9aa4457e53763a3877d8915a8b7731ae1805e3edadb6a693136cbede5fcbbf72b112190756d09e249e814df69b","ssdeep":"","tlshash":"b5e07d5d2a407d795347535725f3ee1c70723028a946a4115def8c092d0ce8f8415f5f","size":324,"data":"","first_seen":"2026-03-30T00:17:55.526625Z","last_seen":"2026-03-30T02:15:03.336937Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DNnDxRHk.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"36ac1b2ed92a19d8c1c2d0229d27d42f","sha1":"9082abd204b0295885caadead12564df6b160df3","sha256":"8a37d1f12dd355f610202541aa0339600aef47c849708387f23f4082d54cf345","sha512":"5ee404802d19854b1131a6b7748908176321997ec472619560be9c1e9ebc12a93ed2a7e90d547b26a221fca5552e91c47abdbe5dfd0c6e4a21e1dff828266db3","ssdeep":"6144:MfeL9y0h4R78o8e4YfIALoh6wj9Sd51jjVvFazIRcDGRD6On:MmJy0h4R78o8e4YQ/j9e5xazIFROQ","tlshash":"f3240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","size":221144,"data":"","first_seen":"2026-03-28T16:05:39.497603Z","last_seen":"2026-03-30T02:15:03.214085Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FavoriteGamesButton-BN7ZNTW1.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee070841bdc59fe58ba681e48c775f40","sha1":"69c5ae8115f75036bcb492f32d9fcee8bfe38253","sha256":"0db2eb58ebe873397c13f9600cc61bc72eaeac3c761f67e7627247817e8d5c17","sha512":"8f34ba99cbdb74c3b9bf99376385de93bfffa3b15b158b2a34be897822f5409b3399ac89c815dff374813c95d0cd93733f521b8ff42f486b32b149edeae3f7b1","ssdeep":"","tlshash":"2be0a34b9089d2fa2b425a901107c4253536a87cd759d050409915703e75456c54eb7f","size":427,"data":"","first_seen":"2026-03-28T16:05:39.51566Z","last_seen":"2026-03-30T02:15:03.120672Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Tooltip-BkqUYOAI.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"2f6baf68d45f9ded7ae3b615275fe741","sha1":"993bd246e889e14119e8886442351fc5da510b79","sha256":"12037c07ae730bb15ffddf8a3ce9bc8bfbb5fe313e4d9df2f44bda0ee3997bcb","sha512":"faf6f552ecea99ca67488b5b2be331e25f3dfde4e1761ba402fe60fe63238f80df6fc8f2bd64a6591c2ea290cb118636bae4f5465247310e7333c62f0c4dee47","ssdeep":"","tlshash":"5401f646e032fbf4e17754da142d856d71532a6c7e2f58f0a038058f0ee4984d317b8b","size":820,"data":"","first_seen":"2026-03-28T16:05:39.519258Z","last_seen":"2026-03-30T02:15:03.185913Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"735871e59847a355315f61a4a8d5350c","sha1":"7020d4a05e3cbe1a9eb024c18e7471ee46432a32","sha256":"1f3a47d5c8f38da0283195ffe7d09255abcf0faa6f6fc2a78e3cc6e1ef9d8dd5","sha512":"da7b511a5c0f74714af1f7b0fedd900ec4ac99df7ddc35e5e57b38f154212f57c93d770998b2f779ac8b372e96969f47c282645e88b70d7823f3d93c08f3834e","ssdeep":"6144:FrL5bRuPtxd5hORjaFlrQJlQGXms8WVd1W+rwkQd9DOVe5:FrL5bRuPtxdRlUJlp8IsL","tlshash":"f98419cdb7d6b46643a3a474903f118fb27a28e2b44cd894f085c8d42e746aa1277f7d","size":398357,"data":"","first_seen":"2026-03-30T00:17:55.476495Z","last_seen":"2026-03-30T00:19:06.779792Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"26d5c6e9eb5b8acc5d7f0a4acb0bb17d","sha1":"f28c859ece3ceabce922bbdf6272f9f7e826b783","sha256":"8ee1aaf2ad1cbca21e0581993206ba9ffd736c611beffb7287581a87cab67ff3","sha512":"388bd8e7a24945d1a3db30cd4cc03f006d5222f5b399b6578eaf9f87707fefae25b423aa0657dffd191f980827742165f1cfe7577a899ac63ed728bdd9886ee0","ssdeep":"768:IAObYQP9MBTSbyDRP0aubWc+ZdLyiQL96+hYs17eFCgt/oJBpntD/PN/xd0MpIJ4:TQP9MqMZ+vCBF/g0vmBuNfftrcuk","tlshash":"8fb371c8f6d6f064439764b4803f510bf23eb96e680e8464f266dad26c7899d9133f78","size":108916,"data":"","first_seen":"2026-02-24T14:23:50.976435Z","last_seen":"2026-05-22T17:22:58.310306Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api.js?render=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a08a33a7d5da8ec425b814535fabcc2","sha1":"c5f1b387efe0bcbbb546a4c6089817b817a8012a","sha256":"7399aad1937c164a29c9e2b1b9aaf60b5ad4ba920cd9707860484cf84c080bf1","sha512":"558ecc819d0a227000423e8aa04bf91b0f028f0c6261d6b07a6957d71e4bffe2567260a613a0106994cc8d6628a76932e78a2b9e8f1d44bc57664e4885c6eef5","ssdeep":"","tlshash":"631132b21a29a0390f320de1e1ffdbb5e442701cf15889d8a515ded42ebecc7ce04945","size":1013,"data":"","first_seen":"2026-03-28T16:05:39.623964Z","last_seen":"2026-03-30T02:15:03.202592Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","size":82913,"data":"","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-06-08T19:38:41.244294Z","times_seen":58995,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/BetslipButton-DUPz8Rmj.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"74ac41b2ebf06d37fa7688c50df0f636","sha1":"a6390819255b9d5d2bcf6025eb27d272af06096a","sha256":"ac21f1562a9f1b0a02d4f568f85733632a79cfef2c632693c751ef8c626ff6ae","sha512":"f26f9c951b0fc57f71a4901ec8790519887f7ad72d250fdefe09428800e4345e1223c46b25e792314179a3ddbdfd576aaa942e541f66c60e2217e2a651d30cba","ssdeep":"","tlshash":"eee02bc74948c2fa0746598211068112352659bca241a59180b96da27f78959c49eb7f","size":418,"data":"","first_seen":"2026-03-28T16:05:39.551249Z","last_seen":"2026-03-30T02:15:03.171627Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoJackpotPools-CM3pNZyw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"b8be1bcea05cdd8b8f974b23d61fc755","sha1":"a31ce5c8148a19a5728204b4412e3aee2d5882fc","sha256":"992e4328c4dd3f32373bd921d575e92f793590a3d9e16d532ed5f4cd92b97f4c","sha512":"13566cb8c8d9623cc0bc14b7d32fe3b60da33b7acf45688af2e0ff9a32c1f20bf8cfd4ed506d76a94d1c8cfdd53716e4864f449813e3a5bcdcd77a09e3f5564e","ssdeep":"","tlshash":"ab11c08bb02af3f4d88c5ce140a5555b073e2f65f72181c4986c57785b2685af5a87c2","size":881,"data":"","first_seen":"2026-03-28T16:05:39.481039Z","last_seen":"2026-03-30T02:15:03.191923Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"e89155f8d22a4bd0cc9caf5be0c603c7","sha1":"6d7a821a62d0168044fa74671b4f1d209e871df2","sha256":"5463e0f0b2083232839cb9323193c1e3181e0ee595ae503b95cbba6852e5c8bd","sha512":"26e46c18b5a47a38a120c5b328703db33f2cdf0fce63a08eb9b4a6c232378de220dbd376cd4361a136cb453f23db36c4aceabefb44d4d4cf69f75449f253c6f7","ssdeep":"96:yq51X/vpTBeLzTGNlTh6YaZmD/+oRtPeYFaORtTzk:95FCMN654moRdrPzk","tlshash":"13819517e01ab3fce89c14a3502f911e367e0bfcd65604e8d0ad04240bbd859f25abda","size":4122,"data":"","first_seen":"2026-03-28T16:05:39.608329Z","last_seen":"2026-03-30T02:15:03.198062Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2b96460440b1358a43a511913fcc46a","sha1":"815bc669e0c05413dd3618b44e995de5200098b8","sha256":"6a86bcf9466e23eb5dd702ffae4b53f730cde0c3a160ccfff8afca7169cd7c98","sha512":"64c88dfbdb85e2b328f8e690a4829accddbc943dfe479a4210ddf28c872f5fccedd46f23c525e2653f27d6e3d24aefaac7d9500f8027c0f08ab2be0abbe58d13","ssdeep":"768:HQzjpSkGROiRfEu8T3eSwKo2hWN0Kh4yPaw6ANGp2u+A47WFfVVoO4kC:wHpSbROiVJ88hawKV+A47OVo2C","tlshash":"4773b88db1d2badd4de32021535b3604f23b1974542bd484f7acedd52a28b0be227b6d","size":75107,"data":"","first_seen":"2026-02-12T21:09:52.719393Z","last_seen":"2026-04-14T09:08:05.884309Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=493008","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7570e482ddf964f60caa6a8f57a1c1e","sha1":"ee33327f4bb6eef06278f27b133482c1827ef75e","sha256":"23fa54fd78d3135fc91f2eb6e218cf6bad6177c7582807d095edc2d4eb03600f","sha512":"a0d8c7aa6833ce29a1d6b3226fbc0d23958098242babc6156a2580a6215acd1bd5da7118620c2c3933c3f8c1a85e484474fa5f49789d75fc0424334d98b533d3","ssdeep":"24576:Ilh8uJBnzlhchoxy763W69ht8kjLs638DymN0+o/CeeDHHnmlhkpNR8ehhg:IlauJBnzluhoxy763W69gkjL/E0+o/CS","tlshash":"3c157d9472567434c37795a260be050c733c5b037406c6a8f2bc99a92fd7c9aa27bb7c","size":957435,"data":"","first_seen":"2026-03-28T16:05:39.59312Z","last_seen":"2026-04-04T19:51:35.140437Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=270.0.2.32.102.113.2.3.2.245.2.9.1\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6d60cf72298743c9419baa95dd2ca39","sha1":"cf9b33d5b4a0b13e53def3896eec5259f2c40b4e","sha256":"18eb89dfc804908dbe280d40a9280bb0e486187062c65a5ea4d436ceb733d300","sha512":"6b1ee75b09600fbd51cad30ca02c53ffd2e0a3822537f5b0d0590742d03dfc87fa51fc316751638415105312edaf1982cd9a6bec90d4aafda1a9104bc788ac5a","ssdeep":"96:80hUsXhUA4hUwhUcaDl3acJEt017gWrZSN+/9YXtJ/xN7QcGIIKTe3+/vCaq:FGsXGA4GwGJD7gSZTqQ1Ih6iKn","tlshash":"18c17426835fc8bbb377925a62cbb70f3108507da5f8593fe464ca7072861c7d202d9a","size":6154,"data":"","first_seen":"2026-03-30T00:17:55.497933Z","last_seen":"2026-03-30T02:15:03.223599Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"6fe0c1a0967cdfde62cd8e8ffc5ee2e9","sha1":"b0c3136e2d6ae7f2154db3d8b50aa4bf6ae7c699","sha256":"dafd47d1e2ef38f16311e1c65ccd00f295b114be77fcdb2a262b7b8877871d7a","sha512":"4172f04318e85fc1af9dd197de96c7700b1449381aeafabebe2aab08207f97007a8aaa063856301f25b41d8d448b0c561ae1c34fd0084e38e06af2506de42619","ssdeep":"","tlshash":"857000882c0c2000022a32a8088b000c80aa000000803808008023c00e3080a0022c2a","size":22,"data":"","first_seen":"2026-03-22T07:58:52.496649Z","last_seen":"2026-03-31T18:16:21.307576Z","times_seen":1563,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","size":151,"data":"","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-06-08T19:38:41.312264Z","times_seen":85508,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b057293b718ae7060a9acc593ff83f67","sha1":"991ec4ae783d59b4ae91113a0ecb5e6b21d19d45","sha256":"39d3bf235a12d663f4c2564a4d0311e4c902370219bdf1c4b81d2d1698dae888","sha512":"61865e60d018bd21ca9c737aeb975e8f52b0d0fa74128720cd03fb59f7766362efc8d84b06def39558f302b15d1bb39e44dde7cf0a840d62cdcaec6932df4f52","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJQMoZmVodXsJ5Ar6VKkOPmx/:FGABPVhO5wdKJCMo4VJ5Ar6kOx/","tlshash":"11644bc8f183b0b606e7a1a5009f5207737a151968ed8498f574dee968e8e5c633bf3c","size":324696,"data":"","first_seen":"2026-02-19T03:13:10.628072Z","last_seen":"2026-04-21T03:41:36.073067Z","times_seen":12668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d894772cc8ebc08c554e305272fb743","sha1":"9630696cfb8fb02d834b6c2d590ebecc9e4c1971","sha256":"8822f04d16fcc6ebe390ead32df5d08238c7c383f466f401ebd9d235d32f434f","sha512":"20c22c322a8e6d0cee22113e4bdef0fd06e8b21ab65665bf648a3dcbe3857fad121cce2043bc46551247f2f88af76efcbc8f3ba5053a820439d0383342fa0728","ssdeep":"","tlshash":"5e511f3506b31521036b206c3babe316b23ad2433548f5457e9d93015f45f79d9b2bde","size":2492,"data":"","first_seen":"2026-02-24T14:23:51.4869Z","last_seen":"2026-06-03T04:20:32.028973Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/if-defined-CWaLTnLW.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","size":53241,"data":"","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-06-06T21:30:11.633829Z","times_seen":639,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/ButtonWithAction-Bt3bVpTR.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"7006a69511abcd67d8bd4d8fcd8c5ee4","sha1":"9fd487e57197cdf3f17612558acd7656742fe4cc","sha256":"f9d6b3b2bf48775f8aca0fe5b06e1701518e6257d9bcf41a9cfa9fc708153c2a","sha512":"6faa14f50166468de40c9c94ad65e0ff29640421114bd6366528c52795306cb71b18efa0cd4a1d604bbf5a9b5db9435fb609e761afcbf218d5c07b3cc356004b","ssdeep":"","tlshash":"52d0958f1441d2f603c5aa90511b811239255d60e7948451c04815b03f35d5dc15e737","size":267,"data":"","first_seen":"2026-03-28T16:05:39.486745Z","last_seen":"2026-03-30T02:15:03.121373Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DYyHkwV5.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"3e83cea06fda45c90db6e4e35eb20af9","sha1":"24e06585d12b98ac68e8a63298a284dbfc0c0a9c","sha256":"400c23c5ceee90af147ddfd42b46d0ffee514aa71fc98c4812de54dd376d5863","sha512":"069c52fc64e764eb382c5897264df04a30d57f2af3f3477f2fd73b9d87d01508bd541b2471f18288a967fc14f764396ab196ce72b5597695f6c12744e4a8b5f9","ssdeep":"96:91SCtCFV0h7FhpokS73sjlsv2InwLRiTvHUgAaQKFJ0FdWpA6u6PEDdxrOq+IHWE:E0ljijHvN0FdIuSEDdxP+Vj8Eu","tlshash":"c9c1a65631907534c6d204a6914f42aeee3e7638f00f50a0b23f9c6d3ba1515caa3ebe","size":5948,"data":"","first_seen":"2026-03-28T16:05:39.536639Z","last_seen":"2026-03-30T02:15:03.173183Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useNotificationsProvider-MUlWkG-w.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"eb992915ad7eb98f91d9d97accb0d0e2","sha1":"19075558dd18365a517f77536198bbcaebebff51","sha256":"c3e7a828f7f806e9743f7f728b72d6404c06e0106d2ef38b118102ee26fa13f7","sha512":"62e575156c52d9151978f1a3d3faffde78050f3feb1e3f175787572c823751a49cd95094bcf81e5b86d4782edce9fd847059a2f0d74456630c1984b4d8022649","ssdeep":"","tlshash":"04b01213044013f0210108dc11194c290e340c3c33428aa06030029815e4089c30ea12","size":92,"data":"","first_seen":"2026-03-28T16:05:39.387326Z","last_seen":"2026-03-30T02:15:03.178022Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Odometer-CVaM43ag.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"7ce0493e80abab5b502971adf63e2c5e","sha1":"945900a6c23af06d10ee9ee97b3532c7d34603be","sha256":"1f330e0f505666aeda740fec841089b5efb4cba906b2c8c6e5875e4a7bc7fb02","sha512":"ba03da5413f32a34f119078a3a4d1c30367cf37abb950fb8cbace215ac90ced02f7a8f939c5155cf02b5c92f099d8ca9650dfd09019b33d8f94f57e4d574e6d8","ssdeep":"192:Hd7+NJtQaM1S0KCL529Xskmkjm6H/I7kauLPH7BNeSYpkYxSBrC7TlFa4PFD:kVQaM19K0khm6m6H/LPyFtUhkNPZ","tlshash":"3d622a897922723443a3b2a055bb4609773f5d6a3809405db67caeda7e32c09d12bff1","size":15624,"data":"","first_seen":"2026-03-28T16:05:39.445042Z","last_seen":"2026-03-30T02:15:03.137514Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9deabdd1848c34f3ab46722f446c153","sha1":"ca3efc8a6fe26ae3556374b113dda96032edd201","sha256":"6a583970080e55cee4ced2fc7d5e5de94283f0e6eea428a50219b8e343ff0890","sha512":"d260841afedfa06bc864b92b64cf3bd1a323b2de447ce38cb1499cc6fccfab0da309a76814b6cfb20fae85fb5707fc72fec9996b64bfa31703445d6a933daa3c","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOrcErQYIMPdLMz9o115:kyWFW1W+fM4fFkBLMz9215","tlshash":"7e34c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","size":240941,"data":"","first_seen":"2026-02-19T03:13:10.643204Z","last_seen":"2026-04-15T01:21:42.632515Z","times_seen":11130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/___vite-browser-external_commonjs-proxy-C-V_74Qv.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"bcdd2299304276bd8102d55b18afba70","sha1":"dd91109a1e97d1b89b2c5425b9bc71134990f3f4","sha256":"47b3f6446d936b20a76a2f4db59aae540ee5f59c3becac560f5c86b7de445a8b","sha512":"ca7c4e86bf14573c3691da6d053e9c9235191c7f3dd49956f98c200128bb70c1afaf1fc7ce7dde54c658b8c63f8eb691d3ca37dfca2cbcc556cc0296d568d585","ssdeep":"","tlshash":"c5c080491a94dcb052471d8286159403d58c4d6d73f4f5e0fb088d71020558b62b8f57","size":178,"data":"","first_seen":"2026-03-28T16:05:39.52126Z","last_seen":"2026-03-30T02:15:03.147521Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GoogleAnalyticsTracking-XfS-t3v-.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"6778172e064a8f5e326ca0e9470a5158","sha1":"9a8eba429c0550c36497f3be65f5d43bf1984794","sha256":"1f1614773c7d90ad19e37324462180bd8efe2952be950c3f5d62ca68c9067e39","sha512":"8db856e9fff27df937c2d60cd22d95f3cb98ad2fa89976c297ffdce075647b52c06d32d98273ee35ee63033387343d06acce4a069972974827eefdc2e44cab25","ssdeep":"192:HWYceR0SE+m/CTb3bHXCT76hoxGE0VK7D6L7kBNrnPWh52Lz2PM7mBE:2YcoE/CzCIEP3Byy2PdBE","tlshash":"3852b55c32adb0b682df6054487f720bf1755910a458f480a265edf46ef8caf02abf36","size":13704,"data":"","first_seen":"2026-03-28T16:05:39.414374Z","last_seen":"2026-03-30T02:15:03.148843Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/AiPromotedGamesWidget-Cb_R6mvW.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"35044149492f3c3abdc71d6907e863c7","sha1":"015287d44698eef8e6c1973c473635ce225b4492","sha256":"4e8f0db79c7336cafddaefda0cd64290e9aa4fb7b7ac2c430ecbd857b8d01965","sha512":"f37f242eadbb8f64af1f8123243a99234d4155fdc20530f945700bb310fd993f702c80dc739d1c5f0b6d7739c0a16df5599fe2cab89a65bd4b69f77551e2b4b5","ssdeep":"","tlshash":"9b41632b700dca7cf3ac06a49294f34165113b7dd755a0e8baee1901732809d63bdf80","size":2051,"data":"","first_seen":"2026-03-28T16:05:39.538557Z","last_seen":"2026-03-30T02:15:03.205962Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useJackpot-D3CfHg5h.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"2f35f1b682fcc0133730fc13d994d982","sha1":"826d9de5db427fb33d003cb07ce064006d770455","sha256":"cbf704512cfd9422e0d3971b7462ec032c8ea726f7210201147934c832ea8f69","sha512":"d25cceab0749d0952121e522d15436ec05e6947888ebe01f5f8d71ef1195156fd17a625b0691d246911efa23f05f0514e115e6cc7f9c21ea2d527d80c77f7d7b","ssdeep":"","tlshash":"9721e045c059e5f8f5cd8cb10167972a2b3c3f797440a0a0e0ba5ebd57ace45b6a0b93","size":1419,"data":"","first_seen":"2026-03-28T16:05:39.405107Z","last_seen":"2026-03-30T02:15:03.166974Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/HorizontalSportsList-BPz81vbO.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"1f88a219cf0ebc5b46874e3a383aa7b2","sha1":"054a2668a82b8b2b113bac60a5e9762a187078ce","sha256":"e6f7b2217e27a9951b16e1fa5f46ba8901f4c7c35a071960756151442c5747f5","sha512":"b1a49bf38ce729459fa7180f26c0bcac1e91aed1f1eb7d20454f2161e828b6b1e28c6ff2d7b8861f13c4f4558172edebbe2f9ea6be44908c71cfb150e1ca81f8","ssdeep":"","tlshash":"2fe02bc198629ef46a1a88efa95c24847162087cef176660e29492581f7408bf76914e","size":422,"data":"","first_seen":"2026-03-28T16:05:39.424659Z","last_seen":"2026-03-30T02:15:03.179737Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/getLiveGameAdditionalInfo-X6I7keVs.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"1fe279b3908651bd999d78e09f81fa92","sha1":"ca7d181aec7e24bf88071628e38a5937559bd49e","sha256":"1c5e1bafe5d307297e9378e140676f593441bdbc68d4dc48db0b90652cf1cb8b","sha512":"0797f7005dccb782502173de5777b13fca3fcaa66332f418bd392a931dde6bd3e26ab1ce243ec3317948e54c52c36c1453636b2f0e514450a58640148b416ae1","ssdeep":"","tlshash":"332114b6606e93bba5c9499456b01b31a2b5ba05380445ccbb3cca191877884a7e2039","size":1150,"data":"","first_seen":"2026-03-28T16:05:39.642086Z","last_seen":"2026-03-30T02:15:03.125629Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/TabItem-BG99olJy.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"e3376ee9a88dd7571d01ed83a52b1575","sha1":"2066be5294b4919fb893a0d08e2e0877f49204d2","sha256":"a18382c584c849316565066c6d9c15135cbd26c13d422af3efd32bd1547682c8","sha512":"d177f55d9d5724b20d061bf15994345f058b742a78c7ca5ec65c8e7ed4a4ab3abfd78d16dd663bbe7431765dd637bd30ef57bbffd4979d78c8c1b80ffa90d260","ssdeep":"","tlshash":"03e02b42a020f3f5982b44d6d26e94c732260ddcda5688e6f0a22050072e521f74ff8e","size":413,"data":"","first_seen":"2026-03-28T16:05:39.471795Z","last_seen":"2026-03-30T02:15:03.16973Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/InternalDataspotTracking-MyZPPxux.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed14a2790ee1c276644b889ed243b8d4","sha1":"c55a07355a5a25719e40399b0ca5a0989986c8ef","sha256":"8ad6149846eceeb7f576f4ebb7f81b99a23a686d8f161adb23b9f5211ebb03b3","sha512":"00b2511fa9650848035436540fa8026ebb90b8515ca3f3b8e310380ebe46a9260e92016708ad775944764e64c588e196f8076c29ec107a41dd957c8185d21f69","ssdeep":"","tlshash":"1b81851fd83c0471706489ce5877a9a7c5ad3c8951c0c8f060379eaa661ee05d6f5ed7","size":4089,"data":"","first_seen":"2026-03-28T16:05:39.570301Z","last_seen":"2026-03-30T02:15:03.184301Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/LiveChatInc-BKOBRr3D.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"b756d4d1f92e579f1317bf579d849632","sha1":"9876b01235bf8f476b8779d222942d73e10d6df0","sha256":"2509fd9b431b75989acc83f49124dddde3690706feb30f2d747f446832919e1b","sha512":"9ab55631d639d1e6304b524665aa04838e15174e3accb35d92a4273327cfc92e158e97c3e0562338280fa52de60b3cc69c64616caec229e811057bf695bf7387","ssdeep":"","tlshash":"b25133eec43cb4b092ae67d1323f7b5f711a571a94008d31656c4b1af62e4cbc463aca","size":2920,"data":"","first_seen":"2026-03-28T16:05:39.498935Z","last_seen":"2026-03-30T02:15:03.209908Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/HorizontalNavigationListItem-D4fpIAXB.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"6b6c589ea06049b9b4c2579de1d2aa6f","sha1":"b11c8148c2e0aa3f9e8b84929ad22e35ebf57bbc","sha256":"aaef91c5ebf80a33c429637fc110ff141a03743e4b1159164c89722e18ed32f3","sha512":"3c199fefc80ac38b2bb02e33cac5808290be539349510f1cd55844bbe3a15f4b84d32551a37b37631d73c17c99c07099629c8564435f007342b17c878b9d0a20","ssdeep":"","tlshash":"f901ce12f004dbbc9a2b48dc9b4e6045b2564affdf382ce1b4f4a0011a384467a47fce","size":835,"data":"","first_seen":"2026-03-28T16:05:39.434356Z","last_seen":"2026-03-30T02:15:03.133318Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"73b8b49b4f5dd8adfdee877cd58546f0","sha1":"9f41caaee4b514ed017a6258c4a2166e6df5fad8","sha256":"b8ac084bd8c078db89ea019d31398c712a77cf27480be3b2aaaf7754615679ad","sha512":"b0dc33f21d8d930095dd34608c4cd501b4cecd139e1854fb636bb4e0d1722b22bda57425ebaf257860fc364a6ed9935865d391026a55c36bd7cbad695321d11e","ssdeep":"","tlshash":"6e4120b937867cb200f96633d6af771734f5d071d4018c10272adc896ab9d6a41a7c6d","size":2178,"data":"","first_seen":"2025-12-24T22:39:16.422871Z","last_seen":"2026-05-22T17:22:58.334241Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cebc7667967e601f02df39ba19712d86","sha1":"c7d3677008d76115cc41ba1b734aad112c743dbf","sha256":"089867e58a1de5998b0d74b779119d8a30fe54616ea3ce76063a5530163febea","sha512":"80a26888852e4a15ef49580494958b710628b404f4026c5b218daa918280b24a8f2fcc698ac49ee66c6e9b91954c54f5f296abfd4645d71cc32c83d4ba199378","ssdeep":"","tlshash":"2b01c07d5b86312454f634906b2bbb4a743b12be5c535808848d0414a3a8bafa21add8","size":697,"data":"","first_seen":"2025-12-24T22:39:16.348988Z","last_seen":"2026-05-22T17:22:58.055376Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"497770a2ab62f2aa5e9a92139301634d","sha1":"49c10647ffe35e24f84f743006f162ff0fe16399","sha256":"0663d282ac18b3e9d3e81725926a5310e5cae5e6954873f09b7ee193136fb5e4","sha512":"94a5141ed28656c5873a486aebfdda52790c8517426987bf905bf3c44163a25932ab17ac498215ddbea8e0e9887a8dabe6ed80acc950c993bdc61ecf977724b9","ssdeep":"","tlshash":"06a001b2053584208e6299509553bac4e187605dfd81819470265a89f3e15e7d144940","size":72,"data":"","first_seen":"2023-03-07T01:11:36Z","last_seen":"2026-06-08T17:59:10.479713Z","times_seen":25040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__inject.js?v=1774829636362","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"947f072fdf604c0d61ed77fa7932c765","sha1":"9bcab1be38b498c7dc213174606cf8b1c89275fa","sha256":"56e606eb900514d4c134bbdb17e6585ec187ddcd949d8747159874b8078e6ce1","sha512":"659e5233ce8b0661a91ec76127779a3a4ce7f894ea10bf70f8adad58ea14902bac674fc9fd8221e49d6834771d2019269eec04a6704bd9eb68f681b9513b6147","ssdeep":"1536:oQtg8nVFTFcFuFZruVNZQrwGvP/0RriCU0xA:oHtbACS","tlshash":"c773a7487ef261b2577ba2ae278bb240753240031006ee517fec87146fc6a6dc576bde","size":75019,"data":"","first_seen":"2026-03-30T00:17:55.484698Z","last_seen":"2026-03-30T02:15:03.151694Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/LiveChatAdviser-CdPTlBD4.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"72dd7751d5241be75f878b8c2b8aed80","sha1":"ade144e50220fc8e86732a888516353c8bce4f95","sha256":"ee6723aededa76aafd64e561d0a2eb63a9bebe33b909815e5a36aceaf44da3c4","sha512":"87c9153c186438336b5718602a0ab46103346b48a12fecb6b04d25b7206307cc87ad41a8b893f27fa11fa021e23b5f1b4ece55199066db3cf96fd267225a33bc","ssdeep":"","tlshash":"29112fd6b0c2a3fd6667148dd79a6043300a4fa4c22d0dba807b15a01a2ce09a34efd4","size":862,"data":"","first_seen":"2026-03-28T16:05:39.554024Z","last_seen":"2026-03-30T02:15:03.185401Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FastTrackTracking-sSvnyG2s.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"e9270e8ad7d9ea7366da998ab93ec1dd","sha1":"6ca908f04af2efd653db88be74b056c44966e5ca","sha256":"e4b2bc99d3a76fd43d49399a1eb7aa909ba62d7092203f95c0ca06444107205b","sha512":"7eac93d0925219e4b626f1dab4918692c02c76d318b327572473ca8c11b7bbedba9179b68e71f8593fa316fe179555e690c896e11a27cccd2a35794f2d0c5011","ssdeep":"","tlshash":"3921534e50d543a478804e8da3d7a261a57e5971711ec4e1f0770bbd2e0ca6983dac97","size":1322,"data":"","first_seen":"2026-03-28T16:05:39.606783Z","last_seen":"2026-03-30T02:15:03.265615Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2363889186e23777b4b704661794f3d","sha1":"7f50ba76565cbebe1ce54ed6e30f3794fee96554","sha256":"f71def488c2fb369e417b84e2088a8c9c21a59a3d1dffe4a43f4dad196460b8c","sha512":"4fb51fd523149c9cb04134a77d41461736a1e832dbd48af01a71d47843a56fed5a4474275e8752a2460c3cd7203bbbe9fb897a4c027d81a6b446973169d3eea4","ssdeep":"12288:xF7gB5EvtEvEEvtEvud6Bg1qgn+w7b7EqGDeuPLK3c8WsIJS8oqIpCFaFIpSAJyO:xGBzd6BgJn+wT8ZI3I5Z7y+","tlshash":"688533582a6bf3849409d0d7f9373d84c59ed19aa44764d24fb24bf31bb2352eaacd03","size":1831195,"data":"","first_seen":"2025-03-04T03:23:02.060485Z","last_seen":"2026-04-13T13:13:58.719874Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6f941adb2ce1c3c336f01b65e00b5b9","sha1":"225bb5c32199edc5a116b0b6108c4e5308b28e58","sha256":"3131d130bcb57e9c2593c009769729464af0ba726b8821274bcd76e44e283f56","sha512":"995db58cf4462f52c3f124666f58d5ad9725f77b17342864521087a05333bc53a776ce1c8d2d194b5c5880ee09b72f31aeb536258aec48b96a4de62adcc013d3","ssdeep":"","tlshash":"9011147d3ce76848d60e9bfa356f978d20b7b8155d40cd90c189c498a555fc800a5bbc","size":926,"data":"","first_seen":"2026-03-07T12:53:25.05797Z","last_seen":"2026-05-22T17:22:58.364344Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b55b90c630ad899c694dc42582979708","sha1":"f08949879387eb8dd6553c8b0c548c701b5f0db9","sha256":"eb297967f5005eb95dfb369ff9f780a436a67144be372260b6f86f6fe37b917f","sha512":"eb9945688c1c7a4847df769bd9072f9f3be532c697c1b11185b48345162ab6a22c7ac2b8a251c9835e81ad8a8b155d67f0885a1986908cd69b3f9370f5a030d3","ssdeep":"12288:Epo+RhFDORIh355fBjbFOsAi6dhTOLtl5dlV3EZm9eyVbI:UhFDsIZ55fBjbFwZItXB3EZAhbI","tlshash":"ea053bd879127be16372b4f510673009736da826d88c086df6a5d8f02eb194d70f6ebb","size":870412,"data":"","first_seen":"2026-03-26T03:15:38.916554Z","last_seen":"2026-06-05T22:00:02.856876Z","times_seen":11772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"49499a7d9add7e38a07df4457e9979a9","sha1":"22d37da3d04f204bc4b8dc7dc19261ffaf5f5783","sha256":"289898c3238128dff0d4b2852bb844f42df9e5feac3ced22da0fc9b08c6e779b","sha512":"93fb64dcaad977dcfa3045ba1649eb0706a618126a4c7f905b9dd836079267a419305d2548a00406fc9f5462fc0e757bdeabc53a5b7da689c3ff817097b0cbac","ssdeep":"","tlshash":"3fa0220c2a00a0ae003023b23a0b000b203300022800af008080238003a038e3002e03","size":64,"data":"","first_seen":"2026-03-22T07:58:52.49501Z","last_seen":"2026-03-31T18:16:21.353595Z","times_seen":1561,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0beffdc96a1a1b35b5ce2759d6d1d51a","sha1":"8d9d42c92a1d18382b66ee353d3b81b8641ced00","sha256":"e27dcd41e84265874a28c43fa5780e5ddabc8cae4fa0d010d0ca18360e704389","sha512":"6c5f688f184fa65416108e0f6af9947e741b70ccce5053b318e8ed64858d9ccd6e6b2f905103bb3871e540ecfb7a85efb0503c539bb4545d6975c34aa58dc090","ssdeep":"","tlshash":"7f4183d936e8f9b6434318a1043f9016f6352976097be4c0531dd4f5bc78849815afb6","size":2306,"data":"","first_seen":"2026-02-19T03:13:10.681687Z","last_seen":"2026-04-15T01:21:42.763559Z","times_seen":11136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"87f83aeea14051d9edd97ec3dd41fa0e","sha1":"8649c359a630d1c55eb268ff051d5a284ef7587e","sha256":"38a072ee28e39fadd2153244a3f0a48df473ce7d8dfe16e2f2fcbe5d9cd0bc6f","sha512":"c56e03220951ba738fa2f29bec6d02b1de5ca769f1f41c39ff3f12334b16d0a82db78487c4e4cfcd8fdfaddf4af6b923c725af335346028224efa849bc140eca","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCrGN//h6LiJq:SzP2DZSLi8","tlshash":"37822ba6f149311bc925c750605f2228b33b19a9fa1ece7df2745cf245a8cc2906af3d","size":18392,"data":"","first_seen":"2026-02-19T03:13:10.613764Z","last_seen":"2026-04-15T01:21:42.807167Z","times_seen":8478,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/events-iw1xtyOD.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"bd3f1fd12c3c34313631fb65d0efa876","sha1":"46e031b82501ed2d258cf2325277447e4b6053a9","sha256":"64889c65b6786afa069c8fddebc1703aa0d53a80c284cbbc7bb20e5061e33599","sha512":"38e3ec4a3d2164f9516ec56556ac4ca1b231b8e0c25ed030097a7c4cc38b6129c989ab4b5015c35ee6b9da912a2015a50b4c94a0d4428816dc18bf2155f0f10e","ssdeep":"96:4d9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:43IM2sWMtBq6n3PzH","tlshash":"14c144ccb38574b013e7d3abb07f520bf135a598740c5108b61aecf9696bd9e4126b78","size":6141,"data":"","first_seen":"2026-03-28T16:05:39.523388Z","last_seen":"2026-03-30T02:15:03.162556Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GameSuggestedEventsWidget-DCblnLbG.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"af99640f3bfb5eb0aae27e266b2a56df","sha1":"860039db87c5018f2b8d6c77f36dfd8d9eda2055","sha256":"1a4514f20b327bca4a1dc3c97de218ae6aec303716e506012da8422b31ead621","sha512":"ef5405cee32413c6d7d8b3e9a7b77f3c438b9a481fb8608e848770a05dbd1004c4a0d8df59566176120f8dbf95508b6c4f0a89814b0d711b3f3f9f94cbed2089","ssdeep":"","tlshash":"2571d74ae014aa39a13741d82baf311914363278b54353c1b63fca7127e11927b5bbdf","size":3726,"data":"","first_seen":"2026-03-28T16:05:39.512335Z","last_seen":"2026-03-30T02:15:03.192503Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e62b669f80928b5dac9ece193256095","sha1":"a04e0c32df6e15dd5621258cdab16ca08361d27a","sha256":"cd306f0e4ea334dc0a9ab35e3e6c3c73a34876b8d8be27330916196042a1437d","sha512":"930f28be027cbe059bedfe820c6920d8668380c8aef844a15c140de8e907d2be6c5eb38470f0809709bf8d2d0cffd411c61a92a1fb1592503d59e24ff8350cc0","ssdeep":"192:/XKuPlMK5EbbbCUuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8nbxDt4atx5Ye4ymr//A","tlshash":"e5e10e5c29f394610a93351f033be125f3b6e533221eec41b9dc8968af54667caa7d88","size":6791,"data":"","first_seen":"2026-02-12T21:09:52.600201Z","last_seen":"2026-04-14T09:08:05.84184Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3166d5139ebca4976a7df164026ff20d","sha1":"d7405b66cf00d1db4dc3140d6b1c63bca60fe4a0","sha256":"b297727d234af0837389b8bcaa1e72f4d0b62cfc126a4b9bb76201c5a52755ad","sha512":"ae0db71fd045eb0b103fd15902be9eb9a72763fc8494c7eec08ec13288bb0a46f320674f46a6467ba33f3869d3c388f15a83342bbf86aa38ef1810ed930d046c","ssdeep":"","tlshash":"4390024d71877261454126ed546a1016d3354480561c0113a7010081389814e42a5b8e","size":52,"data":"","first_seen":"2025-08-01T02:35:18.735752Z","last_seen":"2026-05-22T17:22:58.325768Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b55b90c630ad899c694dc42582979708","sha1":"f08949879387eb8dd6553c8b0c548c701b5f0db9","sha256":"eb297967f5005eb95dfb369ff9f780a436a67144be372260b6f86f6fe37b917f","sha512":"eb9945688c1c7a4847df769bd9072f9f3be532c697c1b11185b48345162ab6a22c7ac2b8a251c9835e81ad8a8b155d67f0885a1986908cd69b3f9370f5a030d3","ssdeep":"12288:Epo+RhFDORIh355fBjbFOsAi6dhTOLtl5dlV3EZm9eyVbI:UhFDsIZ55fBjbFwZItXB3EZAhbI","tlshash":"ea053bd879127be16372b4f510673009736da826d88c086df6a5d8f02eb194d70f6ebb","size":870412,"data":"","first_seen":"2026-03-26T03:15:38.916554Z","last_seen":"2026-06-05T22:00:02.856876Z","times_seen":11772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"12a10b90a1172ff1672f92f3c2f33c5b","sha1":"71f5814c2013424327e9f310096b5a4a6545955f","sha256":"7ab9983510d384dd5a2ef25e6eb33f3f05134969156ec38ea85f72c550586868","sha512":"a4b82b52af723b52a94a0cd1dfc16fe0f2bf1fb0f55617c853bad8074670a02be606f030da2b9224197de5dd7e858d26df47f3dea62393ff95fd6625ef149f54","ssdeep":"","tlshash":"4a7000882c0c2000022a32a8088b000800aa00000000b800008023c00e30c2a8022c2a","size":22,"data":"","first_seen":"2026-03-22T07:58:52.501955Z","last_seen":"2026-03-31T18:16:21.295485Z","times_seen":1562,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","size":121,"data":"","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-08T19:38:41.30349Z","times_seen":85467,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-BW_ti3FS.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"2dd75fcad69ad5f5c2f546ad21dbd00a","sha1":"4bc77ab23906a3469604cf8cb86c8ff28565818d","sha256":"51469018a1994e685c695564b1b189995059786ac932f9d3babf2fb06cc400df","sha512":"45c33a2ff69129346d028e14bc3e2bfdb757445cf03e60e3048501a6b007a4ee55aab58bb82c45bff5c5c17271afab127e4134abf856dfa8cbfda861f98a7298","ssdeep":"384:hkMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJG:hkMci408FFnJrIjE3D/OY2E0xqpc1NK4","tlshash":"55820ad0e2b4f7a602e85adc80392074f2248c28343dd0f1b6b6edea74664cac56dd37","size":18027,"data":"","first_seen":"2026-03-28T16:05:39.578625Z","last_seen":"2026-03-30T02:15:03.22647Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/SystemBetCalculatorContainer-BXahpv9w.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"929928ab8a7615f346915b4f66c5040b","sha1":"986652a2ddd432b98c533931b225a789fc4eebed","sha256":"5873d309db53f9e5c74a0dd19ee024520a969055ae6cc6b31f8d114b26069f64","sha512":"7b08a6721acd51c7d73e5867534a5f740e838ba1e62701f26f8feaa34ada76d5582f2379b9f0c82c2f373c7177cd824e4598d900eadb9af69be501caf1b4d21d","ssdeep":"","tlshash":"ee11ef275754ce74888e0ba2094664650cf507185a09f628f6b44c38e018483c3ebffb","size":888,"data":"","first_seen":"2026-03-28T16:05:39.45624Z","last_seen":"2026-03-30T02:15:03.166439Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useOpenLiveChat-ouw1dXXi.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"5ed14b0ee49217c54464d186f0ee1dcd","sha1":"99d34f8f4399ad1c3659c5208d9553eb45b41623","sha256":"4946c8527ecfafc0f5fb9252c65cbc03495e63453e4d83d763d0519727253ef9","sha512":"c99c121d3adf186d95e8a1bd515548c3f5b65a33b34be9203f3bd377e2ce3a756490597a98781cfc9096813ac19f25c3e768a7701367e7752e188cf43a606647","ssdeep":"","tlshash":"bef0e1db42948e7cc1c0cfc1515fe5f46b381aa4700dd841b83f2cd95824c0443bada7","size":583,"data":"","first_seen":"2026-03-28T16:05:39.420314Z","last_seen":"2026-03-30T02:15:03.163796Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-BPfjku9q.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"398568143e29b91d01a39cb130b59bf4","sha1":"9277291996539a016f25fe8b6375816110a4de6f","sha256":"1ebb7de2c487c9cac381d172e2f976282ffee405357432cb4d33c82ced2c3a86","sha512":"a233095558707aac2418e3d7b692523b8bb9af5e7c480c1f0c72d425bf41abcc9a8b676af86cb605977e92ff9a00cd0c28c6755d0de0d9a1928a5266c13c2125","ssdeep":"","tlshash":"d55151c7a042e7f4bfe708e6429b10b074374d5cfe1b44a092be58964958752e35bf4d","size":2923,"data":"","first_seen":"2026-03-28T16:05:39.532641Z","last_seen":"2026-03-30T02:15:03.14624Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/tr/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ab5194607d8db08f9abe85264322389","sha1":"105aa6a7c0d330d097cc7c9f6989d8223f23adf1","sha256":"3728c769109ca09c38155c787c6e13da31835fc34bfc842f7415f3d3eca691c2","sha512":"c48df33aa42a930e98ce83dcaf1dc59293d777ed22f746eb7ea8e299fe1622aec1f07ee914f18decfd1b998bcb691f84f58a5219a5e5ec1c230f9db6a331de8d","ssdeep":"","tlshash":"6ae0a31d1c1eb46227b419a8e237895530d5130529462655cb87d4543971cc554c6a4c","size":423,"data":"","first_seen":"2025-12-24T22:39:16.410899Z","last_seen":"2026-05-22T17:22:58.329852Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e63p1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbcdc00d7bc715339ecfb7e871199d83","sha1":"be72eff8839fc4c2a288bd3bf80fcb5a01b76e09","sha256":"9b0afb32e79782c6ec25c784ed165a07197aa02a14189de74e031a06da5c183a","sha512":"c59ec6e08d5f91e1cf343a405f4f13816a4c348127bc0fd7d46e58fee8a5c8333815a15410221dfbbfd7c953b5674cda5f274f6cd3616e679bc5cedfa018da2b","ssdeep":"6144:dCORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:CCEfJlbIY8CmOp0","tlshash":"cea40aceb3d674625296e478903f01cba57b29e2b44cc8a5f189cce02e7465a4277f7c","size":464718,"data":"","first_seen":"2026-03-30T00:17:55.465615Z","last_seen":"2026-03-30T00:19:06.732068Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f3d0be269f4815de9c126e3bbffb1716","sha1":"22f4e45d3dea6b1a00e31b03803f3d917a54758c","sha256":"ce0a4a072411011cc414683270605e2a23740c493394cc3d551f0c3e60cb234a","sha512":"db470a651b477ad1bd1a99dba8f8143a7e98e0385121c90377a0e97bc5a93d8e5c058f3d88fe56dedb86ea1158b540c1e9bea0e347aa0da944800f4db276eeb5","ssdeep":"1536:8TrQ1UcwvTI9HmLiUjFZcGFjMA5BWUBiYR35P0EDRJpEoLgvjmfo8qfLqhwC/:oJsHKZJZc+kUhp5P0SRz0n8qzqhwC/","tlshash":"5b73cf26e703709bdebf8f411af577ed133ea11618a306dd12ab10c21679fd6a22d1c8","size":77138,"data":"","first_seen":"2026-03-30T00:19:06.845276Z","last_seen":"2026-03-30T00:19:06.845276Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","size":5504,"data":"","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-06-08T19:38:41.225388Z","times_seen":36113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/withPanelButton-Bpxwaf69.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"importedModule","is_inline":false,"md5":"89b6a48fe47185ce4f5c4a33a071c6ad","sha1":"cdfe3c0981e99a2492dbd43ffdc9f5b58f422cae","sha256":"e11eeacaa70afd147e464e1ad09ec130270a1344f5db3f218a6e426cef596ad4","sha512":"0fd698127b2bbf6d6fb73fcfe475cc0d2f8b26c1b87f62c9d2af7bbf1861166fc822fee14ef4868e742bbb1ce5eda186245bf4c4ecae6cd3325c6b886f640844","ssdeep":"","tlshash":"311112e4f5c4a9b1f0c41188577b2cb2759e32c9dce114d031b6c8ea5fe80489a5e9af","size":1089,"data":"","first_seen":"2026-03-28T16:05:39.510646Z","last_seen":"2026-03-30T02:15:03.139335Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"introduction_type":"scriptElement","is_inline":false,"md5":"99db3268cd7badcfabce503c52da9e23","sha1":"5474ec4eeaacf7747f68f574e190877f17da50c2","sha256":"0c58e6cce6014652c4494c1df481a6231c4235c5c902173681fb94b23d6e91ff","sha512":"6e372a9360b0a38e63d407c556979ec31610924cf35cf7be380343c8c46f10c5e43746a33223a5a2eaf4264f0d521d0a2b72d437d58512fe7bdaea85fb3a1ced","ssdeep":"192:0JY/13fNH4EwDlNKyYE3406hcMO/zHwL4BflCayjae:qkVH4NNPYE34XhASaCV","tlshash":"6ff1fa0ae011ba7de53b49e7b57e6104f57a06d4e7150880d07e2e2919ea306733ff8b","size":7902,"data":"","first_seen":"2026-03-28T16:05:39.50794Z","last_seen":"2026-03-30T02:15:03.177503Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"5ea7938a752b254513b19e7cb6db0cce","sha1":"3f052dee3d4921640a71957ce3d7e7a7c5669c36","sha256":"dc88cc9c9e0556e0ef68e6038ecc84133aea8b10160b111d876a921604b8471b","sha512":"5a23f2dffdb0b49c96361893864577c9af417394c7c707a1c9f33332a28a629c8996b9b3cafb99538d56f138cb489f7503bb95cd53e8c00b56a48d6de83b90fa","ssdeep":"384:9ybgL1Lu6AoiWu7MvePQW7nuScsjKtAplZ4v6naeuMLRja2uXF/QZ16:96gL16Xoi77geI8nuScsPpgYaeWHXtQ6","tlshash":"00a2d9d87662f03952b270f4553f151ee2fa2d62680c28acf050c6d57eb098ea16ff5b","size":22004,"data":"","first_seen":"2026-03-22T07:58:52.503343Z","last_seen":"2026-03-31T18:16:21.341878Z","times_seen":1556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gallabet1066.com/assets/if-defined-CWaLTnLW.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-DnlcLyxn.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"cff9-3CQS8BSHCmzdXT/mRzShI3Ky5mw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-06-06T21:30:11.633829Z","times_seen":639,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_da7fd2aef093b5a314e87feff05fa24f.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:13.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_da7fd2aef093b5a314e87feff05fa24f.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:13 GMT\r\ncontent-type: image/webp\r\ncontent-length: 171720\r\nserver: cloudflare\r\nlast-modified: Mon, 12 Jan 2026 11:40:42 GMT\r\npriority: u=4,i=?0\r\netag: \"6964ddba-29ec8\"\r\nexpires: Mon, 06 Apr 2026 00:16:51 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=pDN1x.iWMZ7Lx81pLh5bwLqUTK2Ik0OoBvjyF9npufY-1774829893.839848-1.0.1.1-moNDHnUqIi0OStN6N2lRYkNrexLvgrmrWEIwPJzwHb9aE4J9y6gHcKRzULbzYCqwp2bkOfEqXer_Jv5sJfuo9sn.9_3tV7dN0vkcDNNrLSgV5DcXH6MGihrNKdGqvu3w; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:13 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hVK1kv5OEcO1EIQhCmqnLiJUSeikytvCeMetgvRdqCaznr%2FeFvpUoVm8UbTay1SkO5i5xr%2BItfk0AZrOrbavCPsrew9A53Xs4nzuP80U440Hm47ATwXcp35rIZlUTNmWjq%2BDTTvWWLo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef947c855687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":171720,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b0c680206c6f282a6f4f994192ee1a43","sha1":"eaf6c28680e13d5bf73e2ff38d9f5f28666f4871","sha256":"75f43f766d9a1135e66165ad40166cbf2e1a0a4bb6af172e4f7b8332010e9c63","sha512":"d166a6622f7e4b4705fed6d16d5e709a8a817c2551cafe1bc416767e87243fc3532026e36002bd246675a297626e5f7e58312251fbcafe5f69af73d025c9f4d4","ssdeep":"3072:jfTZ2uE+qjIx7QSBP0TWj8bgHPc5nim8E5qHUkygY3/XROvehWKWosKi6S2P47:jf4cuGuwagErFzBBOv2g+9/P47","tlshash":"dbf32349560adb782c417d902ef46d8713b61f0b03b883559db892482988defed7a3fd","first_seen":"2026-03-28T21:46:03.130554Z","last_seen":"2026-04-03T20:51:16.104827Z","times_seen":5,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/BetslipButton-DUPz8Rmj.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/BetslipButton-DUPz8Rmj.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1a2-pjkIGSVbnV0rz2Al6yfScq8GCWo\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"74ac41b2ebf06d37fa7688c50df0f636","sha1":"a6390819255b9d5d2bcf6025eb27d272af06096a","sha256":"ac21f1562a9f1b0a02d4f568f85733632a79cfef2c632693c751ef8c626ff6ae","sha512":"f26f9c951b0fc57f71a4901ec8790519887f7ad72d250fdefe09428800e4345e1223c46b25e792314179a3ddbdfd576aaa942e541f66c60e2217e2a651d30cba","ssdeep":"","tlshash":"eee02bc74948c2fa0746598211068112352659bca241a59180b96da27f78959c49eb7f","first_seen":"2026-03-28T16:05:39.551249Z","last_seen":"2026-03-30T02:15:03.171627Z","times_seen":8,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Odometer.Dtmtuu8d.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Odometer.Dtmtuu8d.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"ac6-Ca9TICZiffJinxqYoEnujFAZRjE\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2758,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2757)","md5":"e60bd0b6b84d162ff84ef731b11ed036","sha1":"09af532026627df2629f1a98a049ee8c50194631","sha256":"8d2a9d2617a60055e91c6b16f4cabd14851836edec7bf90fc8760e1d31a39df3","sha512":"a85638b5f89d49c50da5f9dc0cfaceec033c45f524a51bbf266fe9cf67f9ce63ef157745964b9ab7c1811f8e2f2d2c5d6348efebe6818d6fa5beb8291e36c725","ssdeep":"","tlshash":"2451e1154f910364633a7906b5c81b51bfece5415223c58e7329a447cf83db9e398e1b","first_seen":"2025-05-18T15:21:59.195484Z","last_seen":"2026-06-07T06:35:51.628424Z","times_seen":250,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoJackpot-RsiXUbiX.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoJackpot-RsiXUbiX.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"3803-nvP7ZpXI3jhi7vtqhbF6CmzFBRA\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":14339,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14338)","md5":"53a0885d32acbcda504a24d95c4dfb26","sha1":"9ef3fb6695c8de3862eefb6a85b17a0a6cc50510","sha256":"ab8a43e82cb7803d2beac172aad50c08063613c2d5567d3212871248c8ec6eed","sha512":"f37e92ed0c8c2b712c67a4fab882b90a929392a36599c01ef35c1eac7d1c8dc2fff4c7590dca78a6b2884c292aafdafd8658f85019185e830acda44cd240a768","ssdeep":"384:eam6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKxV6TSPFFWB:xmB7CEGOpyts/UofB","tlshash":"00525c05f012b7edbca954f7487ee0297a5e1aa9c71808bcd1bd6c313d2c855760b7ac","first_seen":"2026-03-28T16:05:39.433214Z","last_seen":"2026-03-30T02:15:03.140279Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/gameDataProcessing-D5qIumMX.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/gameDataProcessing-D5qIumMX.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"436a-Ekl59pd5p0CRsQ/5jlUehPF7QPY\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17258,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17257)","md5":"eb755f0c5aa5f4eec5a299d8ba09bfff","sha1":"124979f69779a74091b10ff98e551e84f17b40f6","sha256":"f7fa2ba43cf9df83777b3dcfb9479f5b276f866290d7e59bc423baf77be3e78b","sha512":"160bd3c6c8d004140373e06a4531eef8a800487da0ec8b1426d32bf01f7526bdc105e2931deea2cbcb47bbaca0ea8ce89f27f097d1c07f9740b344fbf20b7ef5","ssdeep":"384:8wphrrZxhxlVz12awqhvTXDsB4Pzenac0aw5K4A1nV:8CptXDe8QiAX1nV","tlshash":"8d72750b8a024c12c97e4639c0aa15f1b9781b32e8b8cdd51a655c7afb5fa5b31e173c","first_seen":"2026-03-28T16:05:39.564915Z","last_seen":"2026-03-30T02:15:03.146789Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/casino/partners/751/platforms/0/games?limit=12","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/casino/partners/751/platforms/0/games?limit=12 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 1386\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef709c2b9723-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=VB7vBea0UFaApGzU8PN4B8rZwZlm7K0sN1hgQKovBJ8-1774829888-1.0.1.1-M1FTaS7EyFGGdaZ.MDXrXTICBE1hkrgqgxtLPKkCuj5wFHu0E9mGPW1b6FkXDpWssYZ6a1Bd1lKPDkn5plQe.2Ix7dKSXYX6s9kwt50.09o; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6292,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"83ef43018498adba51526ce7b5baf3ff","sha1":"9afe4d9134f70b929576460df8436f91feed9970","sha256":"f159acaf856bb9d349442ab8758b29cea5dec374ac7d441b079f59eec701fd92","sha512":"76c3c16806ffce6ebc4f72ddf16bc5a48853215fa8b4cb52e9ebcdec84566e1763168b5a700d70e88f16c199248861f472b006ea6e4d303f7b0a02b11769cc03","ssdeep":"192:E4FvaNhHJFvvPvhheioxlI7K51U1BblEIoa1wx7i1sdjZFCCI:N+P13hlOZswq9mNO","tlshash":"a5d1de4a4d34f7efbb49094174533d0c987e57d26b89bd60cd4ada4a20e90f622322df","first_seen":"2026-03-28T16:05:39.566215Z","last_seen":"2026-03-30T02:15:03.182809Z","times_seen":8,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=270.0.2.32.102.113.2.3.2.245.2.9.1\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:09.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_configuration?organization_id=ff83b5d6-c81b-46ff-a19f-41e5f7ea1cdf\u0026version=270.0.2.32.102.113.2.3.2.245.2.9.1\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncontent-length: 1866\r\ncache-control: public, max-age=600\r\nexpires: Mon, 30 Mar 2026 00:28:10 GMT\r\ndate: Mon, 30 Mar 2026 00:18:10 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6154,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (6121), with no line terminators","md5":"c6d60cf72298743c9419baa95dd2ca39","sha1":"cf9b33d5b4a0b13e53def3896eec5259f2c40b4e","sha256":"18eb89dfc804908dbe280d40a9280bb0e486187062c65a5ea4d436ceb733d300","sha512":"6b1ee75b09600fbd51cad30ca02c53ffd2e0a3822537f5b0d0590742d03dfc87fa51fc316751638415105312edaf1982cd9a6bec90d4aafda1a9104bc788ac5a","ssdeep":"96:80hUsXhUA4hUwhUcaDl3acJEt017gWrZSN+/9YXtJ/xN7QcGIIKTe3+/vCaq:FGsXGA4GwGJD7gSZTqQ1Ih6iKn","tlshash":"18c17426835fc8bbb377925a62cbb70f3108507da5f8593fe464ca7072861c7d202d9a","first_seen":"2026-03-30T00:17:55.497933Z","last_seen":"2026-03-30T02:15:03.223599Z","times_seen":3,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","date":"2026-03-30T00:18:14.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:46 GMT","end":"Mon, 01 Jun 2026 08:37:45 GMT"},"fingerprint":{"sha1":"CE:A8:F5:0E:2D:25:9E:74:0C:47:4D:6C:AD:DF:7B:FC:CE:E6:41:7D","sha256":"E1:06:81:F7:22:E3:29:2F:2A:B9:4C:3F:37:46:25:24:5B:C8:B5:7F:9C:3E:54:A2:D2:DD:E0:54:C0:09:12:C1"}}},"request":{"raw":"GET /recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42575\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 29 Mar 2026 22:33:11 GMT\r\nexpires: Mon, 29 Mar 2027 22:33:11 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 23 Mar 2026 04:01:54 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 6303\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83366,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"24ab119daca047e256b1ef36d6a0ec02","sha1":"4bd663653b55f8448c6c58c02b28851c41f64a4c","sha256":"952367c39542f1f7a7444b1d38c94fb932299aa63315ba204e71448695bd11c2","sha512":"97bea09c2fecf0111048194cb47b59d35968bcff1a34877bfe7344b157461ca1d84fa7119a1c7cac7a85c709a9e2289338cf8f26a76fe10d523dffd3c952742b","ssdeep":"1536:h7Rpgh9C9ToL9gTNfWNfK4RxrDldthXwW5l1Dx7:h7ArC9ULiTYNC4RhLX1","tlshash":"27838e7338913a1afc278b616196bdfdf21cc923e5515bfaa5497a20c3cb0978213747","first_seen":"2026-03-26T03:15:39.037579Z","last_seen":"2026-05-30T17:30:22.949701Z","times_seen":10417,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/fonts/default/Roboto.woff2?v=366","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /fonts/default/Roboto.woff2?v=366 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index.B9_sFxRT.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 64248\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"faf8-1a8G5XndX0APgDtOJLwQIHQLC4o\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64248,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 64248, version 2.0","md5":"b65b078c2f62cb030e8faa332896afec","sha1":"d5af06e579dd5f400f803b4e24bc1020740b0b8a","sha256":"594544184c059f885e1499c36a4147c3d3b41ce4f50252ac245a3a5faea6c72f","sha512":"34c06275b329ac62dddd6eb3981ef47d022d4e841c6a2659b9c648e77caf58277c91d1aa1b1bc432cbaccf9e3a7c89e67a3f41c940637942e692c90db9d910e1","ssdeep":"1536:T4FysiYyiqM4dWrgU2Tx5hpx1/VjrHS+92eTa:T4FyPY+rEATHH/xye2","tlshash":"df5301e2be45d926afc2dbeca3bd561c210eddbd2480d11717d5eaa002c1dbaf07c252","first_seen":"2023-04-17T11:05:44Z","last_seen":"2026-06-06T23:43:56.100029Z","times_seen":2788,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-common.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"d9deabdd1848c34f3ab46722f446c153\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 82\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef61297d3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":240941,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65458)","md5":"d9deabdd1848c34f3ab46722f446c153","sha1":"ca3efc8a6fe26ae3556374b113dda96032edd201","sha256":"6a583970080e55cee4ced2fc7d5e5de94283f0e6eea428a50219b8e343ff0890","sha512":"d260841afedfa06bc864b92b64cf3bd1a323b2de447ce38cb1499cc6fccfab0da309a76814b6cfb20fae85fb5707fc72fec9996b64bfa31703445d6a933daa3c","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOrcErQYIMPdLMz9o115:kyWFW1W+fM4fFkBLMz9215","tlshash":"7e34c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","first_seen":"2026-02-19T03:13:10.643204Z","last_seen":"2026-04-15T01:21:42.632515Z","times_seen":11130,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoJackpot-RsiXUbiX.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoJackpot-RsiXUbiX.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"3803-nvP7ZpXI3jhi7vtqhbF6CmzFBRA\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":14339,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14338)","md5":"53a0885d32acbcda504a24d95c4dfb26","sha1":"9ef3fb6695c8de3862eefb6a85b17a0a6cc50510","sha256":"ab8a43e82cb7803d2beac172aad50c08063613c2d5567d3212871248c8ec6eed","sha512":"f37e92ed0c8c2b712c67a4fab882b90a929392a36599c01ef35c1eac7d1c8dc2fff4c7590dca78a6b2884c292aafdafd8658f85019185e830acda44cd240a768","ssdeep":"384:eam6srKqqF3EjFOFEGOpOpeHMtGRxeG/PcyKxV6TSPFFWB:xmB7CEGOpyts/UofB","tlshash":"00525c05f012b7edbca954f7487ee0297a5e1aa9c71808bcd1bd6c313d2c855760b7ac","first_seen":"2026-03-28T16:05:39.433214Z","last_seen":"2026-03-30T02:15:03.140279Z","times_seen":8,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato:400,700,900","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:09.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:40 GMT","end":"Mon, 01 Jun 2026 08:37:39 GMT"},"fingerprint":{"sha1":"5F:99:6E:26:2A:3A:DA:FF:7F:0D:EE:C5:8B:2A:01:AE:28:26:AD:C4","sha256":"2B:88:E7:79:70:E5:E9:DE:0E:A9:0A:B8:F1:F5:C6:D6:10:77:F0:C9:0F:E6:2A:13:A3:D6:08:F9:89:A3:60:E8"}}},"request":{"raw":"GET /css?family=Lato:400,700,900 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 30 Mar 2026 00:18:09 GMT\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2338,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ae317c913d9f17e384174fcac1e95f49","sha1":"97048ceeff296795e17fc282e38d26d44fce8bad","sha256":"0250efe84de4fea78b47bed1e3367687b72cbad25fa556879acfd9adf33f6b24","sha512":"3be7c2d8b49c8ecfd8fbe46e0e57aec92fe696894da6243f6b9f0052461f28eaff9b6974068276cde565287efe54a8a16379b21a522dfaaad925fa38215bfcc5","ssdeep":"","tlshash":"ee41ce92096fb908db830cc212c97d32ef0f625064499935afff14d8bca7d699362b0d","first_seen":"2025-09-17T17:57:20.126253Z","last_seen":"2026-06-08T09:49:50.571001Z","times_seen":7396,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":97,"dns":1,"connect":8,"send":0,"wait":21,"receive":0,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-runtime.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"0beffdc96a1a1b35b5ce2759d6d1d51a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 82\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6129803181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2306,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2306), with no line terminators","md5":"0beffdc96a1a1b35b5ce2759d6d1d51a","sha1":"8d9d42c92a1d18382b66ee353d3b81b8641ced00","sha256":"e27dcd41e84265874a28c43fa5780e5ddabc8cae4fa0d010d0ca18360e704389","sha512":"6c5f688f184fa65416108e0f6af9947e741b70ccce5053b318e8ed64858d9ccd6e6b2f905103bb3871e540ecfb7a85efb0503c539bb4545d6975c34aa58dc090","ssdeep":"","tlshash":"7f4183d936e8f9b6434318a1043f9016f6352976097be4c0531dd4f5bc78849815afb6","first_seen":"2026-02-19T03:13:10.681687Z","last_seen":"2026-04-15T01:21:42.763559Z","times_seen":11136,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/if-defined-CWaLTnLW.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/if-defined-CWaLTnLW.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"cff9-3CQS8BSHCmzdXT/mRzShI3Ky5mw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":53241,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18566)","md5":"a3b110c47aadc250e8c08286a3927c90","sha1":"dc2412f014870a6cdd5d3fe64734a12372b2e66c","sha256":"ff1673476716b35b4481265e15bbbf19e034f23574e163b4f79ab7e39ee93d55","sha512":"a4b3491b2b16d7c8346d302b6c57643dfd39947c2bd5292310d2f86940fd9980430abd20062b49151f9417afc5d133f9056f0da838e0afe5e1c0b3b561b5580e","ssdeep":"1536:vMetjKG9nc1EM27QiZmqog9o/LxGRbVkT68QEC07G8:v5UZg9o/LxGRbVkT68Qup","tlshash":"203308d472d671a243d386e5843b001bf3753824382d846cba2de9dbbd35a4691bbf39","first_seen":"2025-06-12T05:59:20.504038Z","last_seen":"2026-06-06T21:30:11.633829Z","times_seen":639,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-media/storage/medias/galabet10/media_751_d95c491056861c55d9808002ec3083fb.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_d95c491056861c55d9808002ec3083fb.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 2125\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\ncf-ray: 9e42ef70990b9fd0-AMS\r\nlast-modified: Thu, 14 Dec 2023 08:21:59 GMT\r\netag: \"657abb27-84d\"\r\nexpires: Thu, 27 Mar 2036 00:18:08 GMT\r\ncf-cache-status: HIT\r\nage: 48225\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=pFAhY19rdVo9GHY6RlHkVZumcz64TtW5WroWN2.y2q4-1774829888-1.0.1.1-s43ckHKnkKbtUKtFN8NEry3CjivqQZJxo6BfyXSwGW_gaSCa1cP91uE_AvcXIURLsKppDqbnOeJ3HpnbBXRDNeEl1oe4b2NSoB7yJdDCs7w; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2125,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"d0a6f672bc6bd2e097de029109a7577c","sha1":"228e47b53bf80adec61493761d90165771a81012","sha256":"35dc3f8b307cacbf717f898b6a669c2eb188cc425a1f356b94132ebc7e8441c2","sha512":"7a700fc3f2a2cced35def804efb78f631ae965591bca74fe55eb23a593f5cd77cdb31f9f947e8614f0ed1d67cd29c3b25797fc46d9d22f6788bedf34d84bd8a2","ssdeep":"","tlshash":"7741eaf57111586cd591a232475cbdd2589db408d035d507fea3ba2c7c3f17814c32ae","first_seen":"2025-12-24T22:39:16.220215Z","last_seen":"2026-06-06T23:43:56.132258Z","times_seen":54,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/UnavailableMarketEvent-BMKM2D6W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-BMKM2D6W.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"134-fkWnA5i2F5xtaOdS0avwKbGfQ4o\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"1ab1e90471648eb242de708c80b8509f","sha1":"7e45a70398b6179c6d68e752d1abf029b19f438a","sha256":"5a2c30ba1fc70dcd7ca3229292fa56415823049898937e7a0f97286274a5fbe3","sha512":"55278ca78d7127c0bbba0dea56f6086edf8dc8a322ea71626df14cb930153417ae9247d0b24c8a2b3ae64be708093559d8e8e45f5675f4fe54e55cf863766f85","ssdeep":"","tlshash":"2fe07d096004bbf6d02518ccce3e4b4d60120ba4c7aa45c3d1b910281f34226360eaab","first_seen":"2026-03-28T16:05:39.509382Z","last_seen":"2026-03-30T02:15:03.17423Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-bucket.gallabet1066.com/configs/d212f7f1f16e55d50593214ba05a0f99.js","fqdn":"dataspot-bucket.gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.654Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /configs/d212f7f1f16e55d50593214ba05a0f99.js HTTP/1.1\r\nHost: dataspot-bucket.gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":22,"send":0,"wait":0,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"dataspot-bucket.gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/notifications/whats_new?platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/notifications/whats_new?platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 982\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef76d9e6f5e3-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=._MimGgT6lHEIN_ss8zyI5WiA6cA.5JpE_JIARRzCuQ-1774829889-1.0.1.1-dRhkwGsSkq0.ZksGk8KjazIA34ebFSO2rva3kiWCbHM2vpHhiEeUZRcBrEhm0CW4aJ9961f.qLcYn90tYkP2crZpYbeUfdQXf0lK8B3ffTA; path=/; expires=Mon, 30-Mar-26 00:48:09 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1780,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d3c54fbb58bdbc049cdb0511ebe72bfe","sha1":"952c530fa5e60d5e6f4092dca93e957ff475f0e4","sha256":"e937a0e69c3616d29c6b6d653f7b58c1dedced93f6c31b8c4c7edc0aa70af0e9","sha512":"dc0267bfc82cc2bb6c9c397203c45bf5c4515432a8fcd8f0c50bedaf985707d1c2ad0fa8bfc057e3e25bd40b82e41fc3d6b57ffa4ebfa26699345edfcb66571d","ssdeep":"","tlshash":"b8315335657d4f4c8f81178a9487f12ea40f035aec54fa34d658cb6690686b8d5331e9","first_seen":"2025-12-24T22:39:16.028828Z","last_seen":"2026-05-04T14:33:03.573483Z","times_seen":59,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":96,"dns":0,"connect":0,"send":0,"wait":65,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2061.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2061.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index.B9_sFxRT.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:04.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index.B9_sFxRT.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"7e283-h/+WJxEa0MXoRgVE+2iQxUrxIzo\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":516739,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (62128), with no line terminators","md5":"a169e7ca1e522404c8f4456545fa45c3","sha1":"35924651911a87c728fc4a84da59a16f1d96c224","sha256":"1524cc15f3ee09643656994abb579871a1a8ebd873479d53df91ac6425d34baa","sha512":"1a53edf17fceee6e378822cc5444b8217e69db98fd382ad1742162aee04c5180ac9db97a34d92a1e5a52e8cefcfd96f0b093cb8d4a6da3c12562b4e35e9e9468","ssdeep":"3072:pT4qmID/L6Zt4llM9bGBYIZpbBjokUVzseBrKSaQFr:pUqmID/L6Zt4llM9bUYzkcoRs","tlshash":"19b4d9a2968822f87b33d61f93c5b39cb014e061d9621e6ff19a612dc6d77900263f7d","first_seen":"2026-03-28T16:05:39.526024Z","last_seen":"2026-03-30T02:15:03.194958Z","times_seen":7,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/dynamicallyStructuredPages.json?v=1774830000000","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /dynamicallyStructuredPages.json?v=1774830000000 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: MISS\r\naccess-control-allow-origin: *\r\netag: W/\"2fc-kUiJY6kVdVRjg3WtqCHEu0SxLdI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":764,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"61ff5ed77b867ea7b436a21eb8e5ab4e","sha1":"91488963a9157554638375ada821c4bb44b12dd2","sha256":"8329002355bc98821e6757dc86bd87104c3f79ab3fa48db2435c5d3baf0ec870","sha512":"e93a660a89166b2b4f17735c7ed67f95b3b333006596634a735da5159f605181c8a74bffe6924a82feef888aea5bab127c2aaf77685cd27efbd0d71b9d888456","ssdeep":"","tlshash":"2001493d3c10ceb4f7a08862d58167809992e576c7880c5c2cdeeb19c3ad24e1441b7b","first_seen":"2025-05-24T17:16:20.011585Z","last_seen":"2026-06-08T11:36:24.275836Z","times_seen":2738,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/flags.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/flags.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index.B9_sFxRT.css\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 94974\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"172fe-w5wJfXBMdUKU4/vtI7gOUCBUOW4\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":94974,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 17960, 8-bit colormap, non-interlaced","md5":"02c3b5af3d0ec1f21c51bf21a22241e9","sha1":"c39c097d704c754294e3fbed23b80e502054396e","sha256":"1c0578c469db9a3da5c0b6fa0258f99b2a2ac602d0027ab6fcb7b218c3acbb75","sha512":"bb097e3532e83aa4db8e8dd7cd16d95d83ae77f4cc19207f04f3b929ca695ebcd7f5730e9ea888763108c95028f40f81490a03093ef8d57665c6f4393091dc63","ssdeep":"1536:wxq8h3gUrI89XxfLcduXa08ucH+te2RIr8T8hKdPzgkjM+PDRzSKR2JLDpzm5NLX:Sq8h3e85FquXPAeExk8odPFg+tzSKe3M","tlshash":"509302ab06de36c6e10b2e9408902d3c720f65fdcba545ad497cc743d8e5a68d48feb4","first_seen":"2025-12-12T09:55:43.277784Z","last_seen":"2026-06-08T11:36:24.208609Z","times_seen":817,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FeaturedGames-DfIwIlXg.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1ede-VHTsTuqs93R/aPV04ZCHfxfaUMI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7902,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7901)","md5":"99db3268cd7badcfabce503c52da9e23","sha1":"5474ec4eeaacf7747f68f574e190877f17da50c2","sha256":"0c58e6cce6014652c4494c1df481a6231c4235c5c902173681fb94b23d6e91ff","sha512":"6e372a9360b0a38e63d407c556979ec31610924cf35cf7be380343c8c46f10c5e43746a33223a5a2eaf4264f0d521d0a2b72d437d58512fe7bdaea85fb3a1ced","ssdeep":"192:0JY/13fNH4EwDlNKyYE3406hcMO/zHwL4BflCayjae:qkVH4NNPYE34XhASaCV","tlshash":"6ff1fa0ae011ba7de53b49e7b57e6104f57a06d4e7150880d07e2e2919ea306733ff8b","first_seen":"2026-03-28T16:05:39.50794Z","last_seen":"2026-03-30T02:15:03.177503Z","times_seen":8,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2062.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2062.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:15 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1017,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"4a2d4d39b86b00f3d636230daf1b4696","sha1":"d4a08701fbe8438df1bd53ea3e9ff2bf544907af","sha256":"253d84913dc61732357bdd2d504fa3e75bab423cb2693b507698ffac91e39fb6","sha512":"ce2c0d5f1dc848371a45b8f9ca263340303c687d141b1ccd68ad451e53263f1b8669346a065ca5d9d9248f2d60147a5d1ff3e92ec1da107d50b941263c20c44b","ssdeep":"","tlshash":"7111a8e1834afd5dbd89f41372d621119464d1688168f9fe3ab529e51146688119c01f","first_seen":"2025-03-18T10:52:19.782116Z","last_seen":"2026-04-29T13:47:02.883896Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1026,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1026,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DNnDxRHk.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-DNnDxRHk.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"35fd8-kIKr0gSwKViFyq3q0SVk32sWDfM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"36ac1b2ed92a19d8c1c2d0229d27d42f","sha1":"9082abd204b0295885caadead12564df6b160df3","sha256":"8a37d1f12dd355f610202541aa0339600aef47c849708387f23f4082d54cf345","sha512":"5ee404802d19854b1131a6b7748908176321997ec472619560be9c1e9ebc12a93ed2a7e90d547b26a221fca5552e91c47abdbe5dfd0c6e4a21e1dff828266db3","ssdeep":"6144:MfeL9y0h4R78o8e4YfIALoh6wj9Sd51jjVvFazIRcDGRD6On:MmJy0h4R78o8e4YQ/j9e5xazIFROQ","tlshash":"f3240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-03-28T16:05:39.497603Z","last_seen":"2026-03-30T02:15:03.214085Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GameSuggestedEventsWidget-DCblnLbG.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-DCblnLbG.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"e8e-hgA524fFAY8rjWx38239jZ7aIFU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3726,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3725)","md5":"af99640f3bfb5eb0aae27e266b2a56df","sha1":"860039db87c5018f2b8d6c77f36dfd8d9eda2055","sha256":"1a4514f20b327bca4a1dc3c97de218ae6aec303716e506012da8422b31ead621","sha512":"ef5405cee32413c6d7d8b3e9a7b77f3c438b9a481fb8608e848770a05dbd1004c4a0d8df59566176120f8dbf95508b6c4f0a89814b0d711b3f3f9f94cbed2089","ssdeep":"","tlshash":"2571d74ae014aa39a13741d82baf311914363278b54353c1b63fca7127e11927b5bbdf","first_seen":"2026-03-28T16:05:39.512335Z","last_seen":"2026-03-30T02:15:03.192503Z","times_seen":8,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/InternalDataspotTracking-MyZPPxux.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-MyZPPxux.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"ff9-xVoHNVpaJXGeQDmbDKWgmJmGyO8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":4089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4088)","md5":"ed14a2790ee1c276644b889ed243b8d4","sha1":"c55a07355a5a25719e40399b0ca5a0989986c8ef","sha256":"8ad6149846eceeb7f576f4ebb7f81b99a23a686d8f161adb23b9f5211ebb03b3","sha512":"00b2511fa9650848035436540fa8026ebb90b8515ca3f3b8e310380ebe46a9260e92016708ad775944764e64c588e196f8076c29ec107a41dd957c8185d21f69","ssdeep":"","tlshash":"1b81851fd83c0471706489ce5877a9a7c5ad3c8951c0c8f060379eaa661ee05d6f5ed7","first_seen":"2026-03-28T16:05:39.570301Z","last_seen":"2026-03-30T02:15:03.184301Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Casino.BjyJcCbk.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Casino.BjyJcCbk.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"8bc1-J3GVrgfl5ea7tLZzLDoE1BrwTrM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":35777,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (35770)","md5":"f113b1c9638ce76e385e727e0ea46694","sha1":"277195ae07e5e5e6bbb4b6732c3a04d41af04eb3","sha256":"5365ca88751244c00948d0275a580d625398578985219c10ab31efd9f8289c35","sha512":"768492a4bdec3871cd5e1eba328330f381846d86c3d9a9f85adf02e49f6d53042c1846be971b332a5f73702b2351f4a048a799744993e32b65ee9e4321439c15","ssdeep":"384:Rpo8j6E4sa1Hk9eeGKtNyGG6PwPJwWzY8IwgrOl009Hkz7qQXFDpNDF6:RZj6E7Ie3uIIEz1XN96","tlshash":"6cf28673961923bd75b796523ac0de9ce81c48b9da232641ec967237c3c79992c307ec","first_seen":"2026-03-01T06:34:53.940522Z","last_seen":"2026-05-26T00:51:05.480174Z","times_seen":89,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/PromotedProductsWidget-ZLuvwdOu.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-ZLuvwdOu.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"84d-DcD6VTTcMtgal7JsGgQPgQ/JV0g\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2125,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2124)","md5":"2f3434ede25de2187b46f0f1315f2451","sha1":"0dc0fa5534dc32d81a97b26c1a040f810fc95748","sha256":"e4d84411e81c6fe569f5649ce9a0c60e62f314f382054a2680c206eea2a616fe","sha512":"35d16f7c6f9a36eae2a7eec4dbe7bec5f38865df0e16d184e480cf91e6555f5a2758b349471389bc769eaf68a8504fddb838fd7f370926dcacf5b5dafdf581d4","ssdeep":"","tlshash":"164164c2d834b3b9f63e1cec224510893c267d18c96549a560b77d26a13d812bb57ffc","first_seen":"2026-03-28T16:05:39.582941Z","last_seen":"2026-03-30T02:15:03.208861Z","times_seen":8,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getAllListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1\u0026recommendedIds=6db5c2cd78ea5a09e820b7543dacc90bf3b1727e5bbaddff544b301de1f74f39%2Cc57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2Cecc4036f814562b41a5268adc86270fba1365471402006302e70169465b7ac18%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-ray: 9e42ef7198265ebd-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 82\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nlast-modified: Mon, 30 Mar 2026 00:16:46 GMT\r\nserver: cloudflare\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4368,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1594744c430c14575dd987b06663f8af","sha1":"6ae3a00b9045083fc80dba950b908f9e7513e211","sha256":"db922d127c83813e54ac9a7e4fb61318bdc34765fde199edd3859da07f9b1a04","sha512":"6dbc4888f6eb430e5c148b063707a5488e01f7a4ffef184ac67db37cb847c0d69eff429b0c1bd3122ca4b1594229d6f4f600497011a876d5ddaada4d1fb9569f","ssdeep":"96:nNSNbh/YiOQxX+1A2teUB7SOMVMrhIa1WUqrZurozkhLQtwN:8OQVqfhSPbUK6J0i","tlshash":"ec9110b79f444a5e2b2407c9702d3e9c855e250bcbc09ceaf0c0cf2984f9eb967559a6","first_seen":"2026-02-01T05:09:11.282943Z","last_seen":"2026-06-06T21:30:11.817911Z","times_seen":246,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":55,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_81708316ae460e2d7c097fe8bfca6077.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_81708316ae460e2d7c097fe8bfca6077.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39974\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:35 GMT\r\npriority: u=4,i=?0\r\netag: \"694014fb-9c26\"\r\nexpires: Sat, 04 Apr 2026 16:12:10 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 115558\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=GlBx5DkcKY0oovpmwUofknfg4TEKJkHLqVEfRMV4Kd8-1774829889.0862525-1.0.1.1-69Kr8yNyKgQ.ODCM2YlpTQV5cvOxOnoxOGwsMliSCi8mA.teupmTJIjgYiv22fOfX_RkvmXh9FzSnswBGXpcRs3hXj9GSJU5ZF69KvUKP.nV8Ok4CATSEPILXPgfCVkX; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9ywKDi1O3u%2BbIUotn7O1UgmcgZdaGmuvlD8%2FlUrccOYK1voEG98Cm6qLLDVOMeTzRzUC0Wv4LqzMDgubfi0LXGl4C5dlen95HefsEgESLclnb7%2BFTcZjNGLTfFCdcbBokQjzl7ORVew%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca3f5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":39974,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"86013b42eae428e11372f049516b7ff9","sha1":"225a913e812a35bbd292b3316c359967757f3801","sha256":"e55c587494457c03fdc8be31a70077cbab07905855cdf253454ab76b7b069271","sha512":"524cd729a736a3cea55239e8a2cc8d1434bda345dc35a6e663552ba59db3be7adb4419ed21cfda32a1468a0dd735e910482186438c6cc119f70064e1d854771b","ssdeep":"768:IEmoxuaqs5NSF/H1M1photHZYN+MeKRlSGifuJvy2UbLWIKp8mkx+:xdxuUgFm1pmHOsMHlSms2P8mkx+","tlshash":"790302a130ad0760f79a56ebb11d8d3a91167fc149be3c782c780c5cf379fe64658650","first_seen":"2025-12-24T22:39:16.381848Z","last_seen":"2026-06-03T04:20:31.952385Z","times_seen":63,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":114,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_2fbcd393de6e2087aa59ff73668d3cfd.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:13.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_2fbcd393de6e2087aa59ff73668d3cfd.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:13 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36902\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 12:54:53 GMT\r\npriority: u=4,i=?0\r\netag: \"68fa259d-9026\"\r\nexpires: Mon, 06 Apr 2026 00:16:51 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=2EXbQP8FZJO81gYQ1NK.yCGRZcgcULVbJ2T_D0pgMu4-1774829893.8405275-1.0.1.1-lgCkNK2g4EMDc9TvXsG1_wGR5M6Y3g0FPan.te01_63jhon9UvIiQNlS02wNgLbYcGRBLC.f_0LAcyNv8rw9WevhirjYIDsFIsxEdmHfyvP8HEq.thTBwIR5So0.ZiQt; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:13 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PtcNhgwlRDCHo3BzwboOaaQKRu5p%2BjiaeapL6EiWzV6SaLkX628Vo6sSYDHf2VPaRol0cZI5g%2BOf3ETaDSuGbrVsps2E4IjLRsGOoneDNsq7FhaYda1XbOSfOJ2tsTPZ7W4ZD4R8amY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef948c885687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36902,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9178dce074f6f5da14aa962d2d1eff1d","sha1":"afd5dedc4d9b6db21ec314a88ccf8ffdb4a7e358","sha256":"952f7cb545a4d304de18f0b58657973281cf89598d682dcca9fed33c513ce9b6","sha512":"30721d72dc204df72ad17431c1731cdc5e2f16d3d5406c3799e64872fabc9891c2028086ef9d7628b75a26fb15f839b822ea83f5fdf76b6200d7127c88bd9de6","ssdeep":"768:llaVUjckpH6fDslCO+7tpfQL3ocEvIIkr0wYhr8R0QfnAutxKF:llDjckpHyO+pfQL4cEXkrqr8KQPMF","tlshash":"94f2f18b599c03d0b9bfec30ab2983f7a45955cd44b0416abf8aee70d2135f94b86358","first_seen":"2026-02-24T14:23:51.465777Z","last_seen":"2026-06-06T23:43:56.12804Z","times_seen":30,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"POST /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 178\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":178,"data":"{\"p\":\"69c8f7f605c7ed1c37642349\",\"w\":\"1jksgh73g\",\"platform\":\"desktop\",\"tzo\":0,\"url\":\"https://gallabet1066.com/\",\"vss\":\"\",\"consent\":false,\"wss\":\"min\",\"uik\":\"ZQHueEbqZ3R9x6w8tRgBs\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-mc49\r\naccess-control-allow-origin: https://gallabet1066.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9e42ef635c11dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1038,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"77c5c818e21ba2ccc7320c73eb87cffd","sha1":"0541f58b5a323e00338ca4c3c691231e38b176d0","sha256":"fabb3861524174b92445fffa3dc395a19e2253ad7a1b515ad567c509615b6bba","sha512":"a5c315c04d03e69b6879954b683158ea78f748c085a4022c731cceb91b5a9da8c048d5f34191dd135c1e3d5611d5d18795ced190497a000e892eb751d8bff860","ssdeep":"","tlshash":"0c11a5241a482f2b6492b6068fa69dc402cd13677468456dc8c55e9aad7027e2743c7b","first_seen":"2026-03-30T00:19:06.638139Z","last_seen":"2026-03-30T00:19:06.638139Z","times_seen":1,"resource_available":false,"data":null}},"time_used":901,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/1974/contents?use_webp=1\u0026platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2121\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef708cacfeb7-AMS\r\ncontent-encoding: br\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=Eira5i5zQFpnYjqDPntCwhEKq86edoOdYywsqVHQO0c-1774829888-1.0.1.1-U_CSBLv5dLEhwf2wJvCEO3H3tNCLsySwiT4UmM6WdrI8JVT6JJAqyy8Vqu3hmdajTOQMEzo9zXQzSiVS1DJ9AnV5X980CVHIm7lqTCrLTbI; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":9986,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ba3dc88e929069ba8da7ff73623abf42","sha1":"7077a9c8a83f9a540e6942b3fd573952d6b909c3","sha256":"d5df7468c6eacc8867c781b9cd5a93b0c018c711ad462ab044acb552afd89549","sha512":"cdf3a812d1deb071f66678e47031db4be4ede78fff94e30b5506f048abc062229c2cdb2271a7879d1c0312b971b88fe4a0730766ad7aca66f79e903003a58107","ssdeep":"192:EW/pKT/Er6a/5Au/QKm/ZZ+/lDB/u5/ar/7p/Q5/aJ/tRR/uE/56/rP/A/c/QS/n:JpsE759QDZZOllupaL75QpaZtRRus5Ch","tlshash":"0122dd23b02dd96a5b547b40b4c3394ac9de5446ec0e9a70cc458f8d92ea62dc6e33d7","first_seen":"2026-03-30T00:17:55.437158Z","last_seen":"2026-03-30T02:15:03.295864Z","times_seen":3,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/log-performance/v3","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"POST /log-performance/v3 HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 95\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":95,"data":"{\"logData\":\"{\\\"socket\\\":1139,\\\"register\\\":0,\\\"widget\\\":2868,\\\"script\\\":2295,\\\"download\\\":573}\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-2qdn\r\naccess-control-allow-origin: https://gallabet1066.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9e42ef7288c78be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"fda44910deb1a460be4ac5d56d61d837","sha1":"f6d0c643351580307b2eaa6a7560e76965496bc7","sha256":"933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9","sha512":"57dda9aa7c29f960cd7948a4e4567844d3289fa729e9e388e7f4edcbdf16bf6a94536598b4f9ff8942849f1f96bd3c00bc24a75e748a36fbf2a145f63bf904c1","ssdeep":"","tlshash":"0e3000000000000000000000000000000000000000000000300000000000000000000c","first_seen":"2023-04-06T02:18:46Z","last_seen":"2026-05-10T02:19:39.188302Z","times_seen":38514,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/bf14c645e1b4175cb7d9af759b02edd1_casinoGameIcon3.gif","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/bf14c645e1b4175cb7d9af759b02edd1_casinoGameIcon3.gif HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 913720\r\nserver: cloudflare\r\nlast-modified: Thu, 14 Dec 2023 11:24:04 GMT\r\npriority: u=4,i=?0\r\netag: \"657ae5d4-df138\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=j5Cgz4CVCi9UGUmEHCrVA7akeFlKE3sjqyY04MiWwKU-1774829888.4971728-1.0.1.1-1IZywNgTzk_SMhRg04pxwkwEPSLcokPnFXdv8DNf2tA.faTRafo7SumO47WnQFy78NVmYMxADJ9tVwf4QgKCmIhB3T9ep5Z_U_KUb_qk5lpew1MQHMYLHGFHARfBeOHA; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wKnwDaYHwsuLnH349AZ9b%2B4VfILgIOYzcqKpFoNNCkF%2BI0qnhL%2BjJ9zBXM9Wham3jarC493z2Ffpm72XuzNSTfHrAKXCmjMSSRSQR8AoqY64p7FjMLJ945iIgsaprlg%2FNxLCvQ23Sc4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7318af5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":913720,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 440 x 310","md5":"909666f6746ef431d37304c58c6871e5","sha1":"50f9549d49c701c3adad42a5d176a4a9a07be6b2","sha256":"aa20abf1bd815b9e7248a8cd3bd1f83078b6d123e307983a11f44bf82dc14911","sha512":"0ff510636e04a51b2987ca77bc71eab1a1d282b540ea5e0d87d6942044f0f54b1ae842ae9e90243c9035a77dec155b1a3a5ba36fbfcbdbee076419974d27f1fa","ssdeep":"24576:9ayMCZ8OBrb1/N036zWjxK0hakTC9Itg/UEyJWlHx:peGUk0BeSg/dyJWlHx","tlshash":"d71533d4901fd402c07267e285eb66497fc1981ac7b4c9e7d8b31393c62817ae68fe53","first_seen":"2023-12-20T01:06:50Z","last_seen":"2026-06-03T09:16:08.872658Z","times_seen":92,"resource_available":false,"data":null}},"time_used":643,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":559,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2406.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2406.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/max-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/max-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: \"7c8224daff490314bbee102edaf64029\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 1462316\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6a08198be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":100307,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7c8224daff490314bbee102edaf64029","sha1":"13aabbb4f10305443e0fbb19c55fd27c149828a6","sha256":"a3652c70ae4477871298cf7fec970ce38a1a5f26a814c06b72cbbafa9c6f3298","sha512":"4a1ac844d0cfc147baefde211336f72422efaaa9c92b4e3a150e434aa3bcd0ca3ab49c34aefca46bed94139738c01ec1af989beb50b48dc747faef0cb8a779b0","ssdeep":"1536:f/Uifm7kUdwddCri1iLc0Lg261F2BBCrikauV3cGiH27PNWE98MGfU0nPROpmi0U:xauVLmi0V0d+tKaK","tlshash":"dda399b2e56710cc7363c22692c1faac1029e370c757caa6f827767d4bc25963562f9c","first_seen":"2026-01-16T00:46:03.978063Z","last_seen":"2026-05-27T07:42:34.872881Z","times_seen":27804,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/Promotions3.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/Promotions3.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=ddrBwIcO35ZJvbQu47vqRy7i338BIeO.GF67HMsy7g0-1774829887.375934-1.0.1.1-XnNfiVcCvEEzVTU1zctFuXNb7Bca6H2B3.1I0ZraK6BMxwZ0zI6LgCFnPI_5VwT1Iw1ACwmbwGqFmvuuXj_kxXM1dToUHb6tMWUW8IrSsxfwcRfCNyxHH2KW4rOiEiRc; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DGJLY55AFO5RxmGKR6wf%2FuQt45I5RHK1u%2BZuqYpE9%2BKXPFG8Wf2bUsMjrTlbLJdACiNxSewi7oAhPszz%2F46z6n1KDWUvlHAj3An7Ai0GiwT0zzObS%2FNH51ycqQvnrLBM7xz%2BNxADIQw%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627085-710\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b5eb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1808,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"60e5a10a5bbcc415db7edd6ea60aec4f","sha1":"65af716c48e21ed7c837e77c4b7c3e2f33205dd3","sha256":"a8c1d1768e9efff44b10ffebd02cb4959af6be79610cdc02e44e840f0ec39a28","sha512":"418d3b818cc59a64f5261e2cc27fa2234ef1bf94a886866217d032d211c2ee47b758410154acbb7721314b855778c3e6bbd73fd57fdb092c5703c9270796ed22","ssdeep":"","tlshash":"ee312cd8ee305570eec443ffab118988795614bb69328edcf22c83886b8390800288d9","first_seen":"2025-07-08T10:50:27.664088Z","last_seen":"2026-06-06T11:08:41.264724Z","times_seen":614,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/Mobile.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/Mobile.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=c9LZTIo3jUxBxe3ZOWOCgjOJNmuCmICKzQPClkRq_t8-1774829887.3874502-1.0.1.1-wA3mCvePfSfX8jJpapWnfdk5Fpmzkn44gQDxrzn_UE5EpjkNl2BBiBmTRb.PU8F8aNcL_o44.tHqdcYuT2J3xQIchLcgk75X5Rb7Mio2SERbxxFPh9mgxfSObwX0RdUb; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OwKpLqzDTMIA0nMbqEmkhk63xMXNRzd%2BAXLJaIgAzPMXm%2B%2BOQk%2BAjW9ZQ8CG0XDyd19YvmcN7jirc164Z09yuOyUopFo2VtTLBBL5k4WXHC4LrYIGNzzzRzU2BDcY9Cqjw8%2BpZahXbk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627114-155\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c2b65b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":341,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b140aef15c3a0e2328970dbf675bda24","sha1":"77f0fce91e82379b75340bef8bcf39509d1c55eb","sha256":"08c2a0b66d7c329ce1e9e957188e98e920311984544c6d824a29cb8c73d668c0","sha512":"06c19a313efcafa154900f41bd864dc6bc5764a82dfaee82c91ec6fb360d61e0da1a1bb8fa6c58dd8a14f6cde01b85fe25e0ab56a9ba3009f4be67f99eb1ddd5","ssdeep":"","tlshash":"dde078e5b250d40ab5557d53b3fcd5a35e69f0d1da940c39713e791e0fa3034128d14d","first_seen":"2025-10-24T05:32:28.297874Z","last_seen":"2026-05-14T23:49:57.513273Z","times_seen":55,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/StatisticsOnHoverContainer-C5ct3o8W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/StatisticsOnHoverContainer-C5ct3o8W.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"2634-OcImMKErYclR0yhdzSHq5dir+dU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9780,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (9539)","md5":"1bbccd110fd24fbdb20d88ed9988b15a","sha1":"39c22630a12b61c951d3285dcd21eae5d8abf9d5","sha256":"2c262ba9bcb6e1f451dbe9b654c5deed31c4fbc060defa5e91afc8ddda8b91f6","sha512":"9cd6c3ddb9f231ba023f396d54db9659091f27065cb6ee57d10150634185967e554433562337e36a356bcfecbd31df9ae55b1474148633c8cce0514146af7e3e","ssdeep":"192:kn2zkXAsarXDxLwxGEE0D9AOgzmxj/e0R:kBParTxLwxGEphAdzmxj2q","tlshash":"6312746c118e5f69f41a8240b4202e35bb3a3877958d66f8bebc451fd3ce444bb9cb18","first_seen":"2026-03-28T16:05:39.490323Z","last_seen":"2026-03-30T02:15:03.215079Z","times_seen":8,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/5499e215e950e7761be625a3e2ab5acf_casinoGameIcon3.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/5499e215e950e7761be625a3e2ab5acf_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 35402\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 11:47:49 GMT\r\npriority: u=4,i=?0\r\netag: \"69b2a7e5-8a4a\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=Ul0TIiwno53i9s_1U9byCR1DOw2hC3x_V4.k6VWBE6o-1774829888.5045524-1.0.1.1-ldUDVUe1CcTq5tv9Lc_yP0OAdPQq3OqRXKfjBUhle1b0MnWciYoqCaLJzUIm5p96Sm_OY9Z9Jvgv_Wy3lA56yYKot4CMDi7pgWI6T.JwtUX1H77NnHgsS4gejfZauzCu; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7wltpwF6e6Rz7KONac4hwnBDQyt7NOa9EGcowS0OswKkqYo4B4ExiO3IPOGPnzO4CaNtTWq7wLRdtiquHApoLRzwrCOnHN6W1RbnUT4Y9EalkBfq5jDMKTdjVi%2B%2FsN3PqwDhfT9SiwU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7328b55687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":35402,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b79fb6683ecdfeaa75594f661eacb520","sha1":"8d6bd2e5127c1d98f3c1cf90fded73dd28e8ed8c","sha256":"22e8c5710ae417c6b1183da9f5e79aa59e66044c745a9ae17348dfa52f982508","sha512":"e0630025b2b85958609d4aad2f0a0dcfa7b1c9a55a112967c1eb2ce885a0726895cfb4eb74b82932cdf182996db5fd052e5a3fe5893c1ed142fe4e6163d4ef55","ssdeep":"768:Ke/D7Cw6I7v6oPr2BFG+bMiSVqsYPkozpDs6VNT1mozNuPJ:KWDXz7R4QqsUkYN9oJ","tlshash":"26f2f1cf12eaabd2b36857e913a9cb1e794a5c9301bd6c229f876c540630c951ac3372","first_seen":"2026-03-28T21:31:36.644912Z","last_seen":"2026-04-29T13:47:02.874322Z","times_seen":8,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2017.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2017.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/webworker.js?hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","date":"2026-03-30T00:18:15.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:54 GMT","end":"Mon, 01 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"5C:63:31:39:A7:BF:00:B2:81:36:9A:4F:63:5D:AC:4E:FF:2B:F2:1E","sha256":"56:0A:B3:57:A9:15:3D:4B:A1:0A:00:8E:9C:83:79:4F:39:31:72:70:02:A3:EF:08:4C:94:7D:30:6F:B3:3E:01"}}},"request":{"raw":"GET /recaptcha/api2/webworker.js?hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3 HTTP/1.1\r\nHost: www.recaptcha.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Mon, 30 Mar 2026 00:18:15 GMT\r\ndate: Mon, 30 Mar 2026 00:18:15 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncross-origin-resource-policy: same-site\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"8461de2ea2f2601eaf21ad5931e74681","sha1":"115fa39dad73b3bedfd6778a27122aa30d2826a8","sha256":"9b81e9a5eb8a2c4f7a3c7d22dd92bebded7d4471ee300444c67c678b4a893cc8","sha512":"1ab5c97bd41c499b2b1e71f740c493d889e0fe35046f77755a34c7aba0f0ced418610881c01148055d7470698e2332cf375a543cf87313d0cc5b5ff0de5ff3fa","ssdeep":"","tlshash":"e3b012731575c43c0c020203d627a7ece0435074d650c8f841347fd841690e7522d500","first_seen":"2026-03-26T03:15:38.909416Z","last_seen":"2026-05-02T10:21:31.183563Z","times_seen":9888,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/conf.json?v=1774830000000","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /conf.json?v=1774830000000 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: MISS\r\naccess-control-allow-origin: *\r\netag: W/\"5975-DsXpP3h8isG+Kpeb5pQLnfjwoxw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":22901,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"73e69c48a357de0624540f8f288352f1","sha1":"0ec5e93f787c8ac1be2a979be6940b9df8f0a31c","sha256":"587895b88d674062f7371f7d0cb3bf1f3f63bf52b658aa1ef04c2810c2dca58e","sha512":"0c7b55e954c3f834d88014b1fa982963a3bbaf50a14e87ac84d9eaf1c7875072e075de3c08157ae70b113d4cd92dff1288ac063250bbb42e2c73cb1374a05cd7","ssdeep":"384:tiodO1z2Gn+LoU4rWmnzl8mAhtrfS632Sk3NNJ36:tOz2Gn+LoU4rWmnzl8mOtrfS6WH6","tlshash":"aea21f29d5b44db302ca71b468be6147b534948b4e987c283f4c826c0f5da2f29bb7dd","first_seen":"2026-03-28T16:05:39.5315Z","last_seen":"2026-03-30T02:15:03.23968Z","times_seen":8,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":724,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d0d2b7c.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"ecc9e5cf090bf5602a01763e2895acad\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 402865\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6918038be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10938,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10938), with no line terminators","md5":"ecc9e5cf090bf5602a01763e2895acad","sha1":"1d07eaeecb0a31f0d95363694e803282518f81a3","sha256":"1cb6c04d780fb838f64fe8bad72bbc16ff24e2466f9ba3123471321f8342cc0a","sha512":"9ace38dcdfd09222ce1f2536d8e4acc781b0055d6ae35486922b86baa540befc98bd9a5bc67bb00b0ef09b9da16ec97b1fe3b2b676b1403cde8eb2c13981870b","ssdeep":"192:0CFny7CpmxwbZlR1cwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mChZlRNr40v0GF/LvV4hwsR","tlshash":"073295b7e0a1107ea316871c506fa610f61f6c8ab2161da6b67ab46f900ddcfc065f7c","first_seen":"2025-11-28T06:07:28.918411Z","last_seen":"2026-05-27T07:42:34.869974Z","times_seen":26442,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/events-iw1xtyOD.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/events-iw1xtyOD.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"17fd-RuAxuCUB7S0ljPIyUndEfktgU6k\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"bd3f1fd12c3c34313631fb65d0efa876","sha1":"46e031b82501ed2d258cf2325277447e4b6053a9","sha256":"64889c65b6786afa069c8fddebc1703aa0d53a80c284cbbc7bb20e5061e33599","sha512":"38e3ec4a3d2164f9516ec56556ac4ca1b231b8e0c25ed030097a7c4cc38b6129c989ab4b5015c35ee6b9da912a2015a50b4c94a0d4428816dc18bf2155f0f10e","ssdeep":"96:4d9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:43IM2sWMtBq6n3PzH","tlshash":"14c144ccb38574b013e7d3abb07f520bf135a598740c5108b61aecf9696bd9e4126b78","first_seen":"2026-03-28T16:05:39.523388Z","last_seen":"2026-03-30T02:15:03.162556Z","times_seen":8,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato|Lilita+One","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:09.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:40 GMT","end":"Mon, 01 Jun 2026 08:37:39 GMT"},"fingerprint":{"sha1":"5F:99:6E:26:2A:3A:DA:FF:7F:0D:EE:C5:8B:2A:01:AE:28:26:AD:C4","sha256":"2B:88:E7:79:70:E5:E9:DE:0E:A9:0A:B8:F1:F5:C6:D6:10:77:F0:C9:0F:E6:2A:13:A3:D6:08:F9:89:A3:60:E8"}}},"request":{"raw":"GET /css?family=Lato|Lilita+One HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crm-lib.fasttrack-solutions.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 30 Mar 2026 00:18:09 GMT\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2f31f582a62929942285136edb852eb4","sha1":"ade05009e3f52242452d23f325d0d60eb2f4945d","sha256":"86d1d33f6f9e190954cb9cf8f930c7ce03e60bb102b64f2ce0baab352285acab","sha512":"2e4b5ff5cb64ede4c3e63e2477f156c55597e1c3ddd83d888fd96c66bf7cc6716dcf522fad19cdde2a4a564f530022feaff488500797d01f3673e52e295ddabd","ssdeep":"","tlshash":"6e31bf92097ba80497930dc212ce7d32ef1e62406845a825afff18dcfc67c699362b0d","first_seen":"2025-09-20T10:36:49.753015Z","last_seen":"2026-06-06T23:43:56.083256Z","times_seen":146,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":103,"dns":1,"connect":7,"send":0,"wait":20,"receive":0,"ssl":92},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segment.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:3F:7C:B8:04:2E:CD:A4:E1:F1:8C:5D:DB:17:18:85:E6:C0:E9:98","sha256":"18:9C:5C:43:17:4C:C1:EA:72:5A:8E:DD:37:64:4C:DF:83:99:F4:51:8E:85:20:61:7F:A0:40:01:DC:6F:65:43"}}},"request":{"raw":"GET /analytics.js/v1/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/analytics.min.js HTTP/1.1\r\nHost: cdn.segment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Wed, 21 Jan 2026 08:14:20 GMT\r\ncontent-encoding: br\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: J8ajF9t6IlT2U7tuuuuEWLpJqziHNggp\r\nserver: AmazonS3\r\ndate: Mon, 30 Mar 2026 00:17:03 GMT\r\ncache-control: public, max-age=120\r\netag: W/\"26d5c6e9eb5b8acc5d7f0a4acb0bb17d\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 3ecfca26003921b3f6dfb1a287300c24.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: KkEHvxDiTPXh90dWHuNVzI8v1X6nDVXcCO7pWR3I0CIrqAR5wQIifQ==\r\nage: 69\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":108916,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"26d5c6e9eb5b8acc5d7f0a4acb0bb17d","sha1":"f28c859ece3ceabce922bbdf6272f9f7e826b783","sha256":"8ee1aaf2ad1cbca21e0581993206ba9ffd736c611beffb7287581a87cab67ff3","sha512":"388bd8e7a24945d1a3db30cd4cc03f006d5222f5b399b6578eaf9f87707fefae25b423aa0657dffd191f980827742165f1cfe7577a899ac63ed728bdd9886ee0","ssdeep":"768:IAObYQP9MBTSbyDRP0aubWc+ZdLyiQL96+hYs17eFCgt/oJBpntD/PN/xd0MpIJ4:TQP9MqMZ+vCBF/g0vmBuNfftrcuk","tlshash":"8fb371c8f6d6f064439764b4803f510bf23eb96e680e8464f266dad26c7899d9133f78","first_seen":"2026-02-24T14:23:50.976435Z","last_seen":"2026-05-22T17:22:58.310306Z","times_seen":50,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":48,"dns":28,"connect":6,"send":0,"wait":64,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-4fe9d5dd.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: \"8249fafc9a9fbe0f75d4bef0aae2305a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 1618578\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6938088be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1000,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1000), with no line terminators","md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-06-08T19:38:41.30163Z","times_seen":43759,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2014.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2014.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:20 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1640,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"2445841d20c5fa1995c44901bede031c","sha1":"8878aeec550dd0f80fbe0e986a792917c94a43f9","sha256":"c0b40021d1a9af7f6c30801970e4b7a4bcd1e890b17384a6f8fd92ad5401de27","sha512":"f6f939ead02d7e4b4f18e2676f3bcbeff22aefa70be05113ec48ce941c47a6f0afff6d3649ee42026540fb0d84b88f4193b73dc792c0267589d2a75d55ee4483","ssdeep":"","tlshash":"e2310aa01b611c7cca635e43970f4e117dea15bfaa358274ba94ef5b457342a8c91383","first_seen":"2025-12-01T12:46:20.536603Z","last_seen":"2026-05-13T03:37:24.261056Z","times_seen":10,"resource_available":false,"data":null}},"time_used":6346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/walletConnect-CiycSUBb.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"7ce-4NL9XQUE1X1LJPUYsilS0smIp/4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-06-06T21:30:11.623634Z","times_seen":1659,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/live.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/live.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=n6B2WHlPb_Thamo7H5jAxnVweCLreywz8uLVmhEQmNg-1774829887.3880777-1.0.1.1-OxTNfhBGxpx61PcixDaPdHt59SJP_QMjTKEMqMf142yiUG00XyDzTNhFe.FW81PvBdFt5SKjF7IBN5JcxaG_XElvDY7DbCAGdH5b.EQBubseTnrDTX3fqr4PJRLsU3Pi; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fXsGd5NE91OsP3lRjx1clEVntY3S13CUtvnToPaD2Xlo%2Fw686MPSDJjQzoJW2P8%2BLAr5UusOkcXENcC6eUBxe9fmJ4oUlgCMW9WMB9%2BRSjUmiL%2BHqKAjONwtQ40Ww6EdsliBy%2BEpee4%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270d7-223\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c2b67b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":547,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"177a1ecefa857471d64fb388cf5125d1","sha1":"726ab602ef7c82c9db251ac2a8dbdd142a28cedd","sha256":"e9bbd35f8b3d2bd962d3811c39e4cf82d2448f40576bf0e2fc495f5231b2cd1b","sha512":"b17c2fbeb47ae4e82b2e4b65e0874d54bfe07636406d4d56c25df1af1ee331f298538b63766cb21fa96cad217f86c61c2a1a3baee117ceb992c194d80ee87513","ssdeep":"","tlshash":"10f0e9e8e0b48a583948712c1b1c28952e3b32330dd18a39306be32e1f1254673cb659","first_seen":"2025-07-08T10:50:27.692829Z","last_seen":"2026-06-08T11:36:24.458862Z","times_seen":1692,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":62,"dns":0,"connect":1,"send":0,"wait":82,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/GamesOfTheWeek.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/GamesOfTheWeek.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=lE5vwwMUGTifIOnV848a95TdweNWNLTcOvpXvdOMzVg-1774829887.37556-1.0.1.1-3DaMAfsw7irJ0S4W9FJZFQDI7rE1MKod9S3GB5hYwWmw._ENEbymOYsVG5z_W7LZQVU6Ekz9q84nFbNwfsJ2QRQICrllpY_KbyuKra8nwP5tPSDHc6gwGKiePHl_edu.; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jUk2WH%2FCyDocvmnjirN3GWjr2NKvmiQ9%2FSYWJEc%2FnsqH%2FInfEeGCboT0tbRQUHVl8RUtbfxG9dLjxnI8l5tpWNgfNJiQ2%2BHsJplJj8snUYhawmuUgcam2E6KrutbAxZ8HUG4eA1dKHE%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627086-be0\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b5cb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":3040,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"bd48bcac13b7af9a43338fa39450069c","sha1":"b39e0dce82eec16651566913e7d8a1ae26ee25d8","sha256":"e67476d135f1d3e566d62c017b8a4afa7b3013dc29540a85de3c9f071a11812a","sha512":"39c26cb74b8bea9fd071edc07b5fe1ef144747ebd23593b409aeb8f0e6894daf00a946805f222e2dca66dae48baa4adab0196a4ef71720fd109aeba8f11e1026","ssdeep":"","tlshash":"6951b0d8c5254afa1bcc335e6322542b0cc92fd6f7a35cd8b27c85985b13d062a7e883","first_seen":"2026-02-24T14:23:51.265611Z","last_seen":"2026-05-19T18:11:41.282935Z","times_seen":52,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Tooltip-BkqUYOAI.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Tooltip-BkqUYOAI.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"334-mTvSRuiJ4UEZ6IhkQjUfxdpRC3k\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":820,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (819)","md5":"2f6baf68d45f9ded7ae3b615275fe741","sha1":"993bd246e889e14119e8886442351fc5da510b79","sha256":"12037c07ae730bb15ffddf8a3ce9bc8bfbb5fe313e4d9df2f44bda0ee3997bcb","sha512":"faf6f552ecea99ca67488b5b2be331e25f3dfde4e1761ba402fe60fe63238f80df6fc8f2bd64a6591c2ea290cb118636bae4f5465247310e7333c62f0c4dee47","ssdeep":"","tlshash":"5401f646e032fbf4e17754da142d856d71532a6c7e2f58f0a038058f0ee4984d317b8b","first_seen":"2026-03-28T16:05:39.519258Z","last_seen":"2026-03-30T02:15:03.185913Z","times_seen":8,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FacebookTracking-hUyPiv-j.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FacebookTracking-hUyPiv-j.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"2a8-aANQexLrHUlAHCEF2u6FKxJZnN8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"329b46df00ba81e577a706e48b1ea8b6","sha1":"6803507b12eb1d49401c2105daee852b12599cdf","sha256":"b83ccab6618c28370253e9678c6421f213cdf215b6cfad2058730d6cd2aeddff","sha512":"080bea66c63b2b2aa1116ad04256965e843c9488fc15cbb5d1191fd9a84d18afc2fe86a516b0711f79aa4d2ff78ce54650ab05151b2d9c12470cffaadb26f048","ssdeep":"","tlshash":"3601fe0f2c45b479167c18a8d3bbd81425ba590a258b44a5c6c389b52a2454a80cdb8d","first_seen":"2026-03-28T16:05:39.419123Z","last_seen":"2026-03-30T02:15:03.124178Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/HorizontalNavigationListItem-D4fpIAXB.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-D4fpIAXB.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"343-sRyBSMLgqj+ei4SSmtIuNev1e7w\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":835,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (834)","md5":"6b6c589ea06049b9b4c2579de1d2aa6f","sha1":"b11c8148c2e0aa3f9e8b84929ad22e35ebf57bbc","sha256":"aaef91c5ebf80a33c429637fc110ff141a03743e4b1159164c89722e18ed32f3","sha512":"3c199fefc80ac38b2bb02e33cac5808290be539349510f1cd55844bbe3a15f4b84d32551a37b37631d73c17c99c07099629c8564435f007342b17c878b9d0a20","ssdeep":"","tlshash":"f901ce12f004dbbc9a2b48dc9b4e6045b2564affdf382ce1b4f4a0011a384467a47fce","first_seen":"2026-03-28T16:05:39.434356Z","last_seen":"2026-03-30T02:15:03.133318Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/fonts/default/RobotoBold.woff2?v=366","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:10.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /fonts/default/RobotoBold.woff2?v=366 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index.B9_sFxRT.css\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:10 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 62032\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"f250-sdZeMF6FDN01JzT3hCzd/TDwjQs\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":62032,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 62032, version 1.0","md5":"5c3f2196f147bbbc3583de1008be7538","sha1":"b1d65e305e850cdd352734f7842cddfd30f08d0b","sha256":"c6213e789895a427306e62a03b1a96ac884f58957b4f14e27f8e4361e32bf382","sha512":"a0a556d7d670c7197f1daf9cc7d84b3872cbaa92f916bd092c3831d3936362ddde3e837e4330895a5d53f0783b761ded7d00d126a0a04feaea84d01d12e62f1d","ssdeep":"1536:+07i808sgDXsqfywKCgqTwnXO09CU+O2G48I5lkEGN2iBYF5cftfplD+2U:+epsGXZfeCgZXd9hAGtI56ZiF523+2U","tlshash":"2f53023e9427274226b1dcca96ece2ee16c278fb700119ddb41075ee9f32f814c83a56","first_seen":"2023-05-07T18:24:32Z","last_seen":"2026-06-08T13:19:39.297237Z","times_seen":2663,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":58,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/___vite-browser-external_commonjs-proxy-C-V_74Qv.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-C-V_74Qv.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"b2-3ZEQmh6X0bibLFQlubxxE0mQ8/Q\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"bcdd2299304276bd8102d55b18afba70","sha1":"dd91109a1e97d1b89b2c5425b9bc71134990f3f4","sha256":"47b3f6446d936b20a76a2f4db59aae540ee5f59c3becac560f5c86b7de445a8b","sha512":"ca7c4e86bf14573c3691da6d053e9c9235191c7f3dd49956f98c200128bb70c1afaf1fc7ce7dde54c658b8c63f8eb691d3ca37dfca2cbcc556cc0296d568d585","ssdeep":"","tlshash":"c5c080491a94dcb052471d8286159403d58c4d6d73f4f5e0fb088d71020558b62b8f57","first_seen":"2026-03-28T16:05:39.52126Z","last_seen":"2026-03-30T02:15:03.147521Z","times_seen":8,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/pageBuilder/pageBuilderHeaderInfo.json?v=03/24/2026-16:50","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /pageBuilder/pageBuilderHeaderInfo.json?v=03/24/2026-16:50 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"11b-hSFLhM7PHcrTZvhH8p8Hnkf6T2s\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":283,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a073ab68d03cc285a2ea057683b697bd","sha1":"85214b84cecf1dcad366f847f29f079e47fa4f6b","sha256":"22f8711fa180f3491a16949412c0f771411db6102c183564c592ae3bcc59dac9","sha512":"526285a76199b4a6719d986101a3ebc29b0ba3457af765836b38ce24ec8170528f62c647e3b7acc85f323b23634f3ee1dd05032de06798ec969cd0c7c4dbcc1b","ssdeep":"","tlshash":"26d02b3aac00ed7473d4d413d29067802040a409d744485c9cdd9f6fd3ed3851091b57","first_seen":"2026-03-07T12:53:25.048544Z","last_seen":"2026-06-03T04:20:31.915647Z","times_seen":56,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/header_info/contents?use_webp=1\u0026platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 402\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef72fb0cf546-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=rGqCgMH1zQf8smYDHh19n7Qik43Nf4hVNIP842ONL.A-1774829888-1.0.1.1-Brk_RrSSVauDUnabMgnPTk5_Q8tY.GVJKhxgjFhEqQqI1P34MBb2Lg76w8G8q69U09TzewTj6HtCar6TKC4nnjVwmed1gu26QDXN7evW1ps; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":442,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1c5c3ea8f071ec2d45e78f06d7ae0a1c","sha1":"76aa927573399d36ef42e75d4ebbc81b464c797f","sha256":"6f466ce02d1f46bfb9be5e381eca484f5d29422fb35cb082ff31d7d19611d7c2","sha512":"1d72e82774441806952fe78b509f419161ecaaf300c29db6c2b311e1cf9451663e77169ca7bb6b2f2175ecb619163e6a640c898c43433258c58d1de7a52cb920","ssdeep":"","tlshash":"54f0dc36972ec52067504290c08f383a185e028cde00ee6c999dc77044e8379a1220a9","first_seen":"2026-03-28T16:05:39.466456Z","last_seen":"2026-03-30T02:15:03.174922Z","times_seen":8,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_9d7a3472a72a545588ee02e8633f0a2c.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_9d7a3472a72a545588ee02e8633f0a2c.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 24730\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:23 GMT\r\npriority: u=4,i=?0\r\netag: \"694014ef-609a\"\r\nexpires: Sat, 04 Apr 2026 16:12:10 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 115558\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=YNUZDIxOA2fF9MNwjVecxJL3jIQ2oz_K8gKv_tgVcXM-1774829889.0857563-1.0.1.1-hpc_zuLetcN3YzogGkCTMLCMy4kKdqnY9Co1Q14zHR_qRwznUJ.XxIRPRzAmY45sLEt.qEjPYHs0Hg7KlhQUs1ADFBFJX.F3qRR4fhv29o1Q2AlpQPqO4Fxy5sQLdmN7; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5iK89c%2FWLot48HGZzAZNwsehwXFoBD3c9aJbhqiyeMkebC3mFWR77kJx2YpFFfCFGZVfO81i6cMvgDj%2F4goX6mUlfcKyGMb4Xo9dGi5oYfMgdcXx%2BwVIyVo2qQKcQTXSNFH%2BjdstqBg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca3e5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24730,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1a684d3e1bc93c1bd3a25d9983b83c43","sha1":"716d0144a9feb5a701d5eb48133f155c97a47946","sha256":"8b8e3b62b691c235c3aa5aa0ca6bd0eaea4a188271006aa9b8fdff49c9a06f94","sha512":"b66cfd7a78af400a5375c747bd08f6d230798eca3fb7fb7e623a10694901475ffacc21eb5c6edadbecb1234bb751d2c62f06eadc0192731abcb5422d13d18980","ssdeep":"384:pFhktnLa9HrvO+y3t9oDMTjRsENmQFyUzDm8kNRfxv/xvr5c8JPH+UlX:etLaZ/sPj3NmQ7ToRfx3lr5c8JPH+WX","tlshash":"f1b2f1045efc293755f843d01dfcee680e5441af12980c20814e77f9faa9a3ba81ea5a","first_seen":"2025-12-24T22:39:16.21561Z","last_seen":"2026-06-03T04:20:31.835501Z","times_seen":63,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/v1/projects/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/settings","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"3.167.6.134","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segment.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Thu, 15 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:3F:7C:B8:04:2E:CD:A4:E1:F1:8C:5D:DB:17:18:85:E6:C0:E9:98","sha256":"18:9C:5C:43:17:4C:C1:EA:72:5A:8E:DD:37:64:4C:DF:83:99:F4:51:8E:85:20:61:7F:A0:40:01:DC:6F:65:43"}}},"request":{"raw":"GET /v1/projects/lilPWXhBdHIJK2XkMZqV7SFa8UZQZd0D/settings HTTP/1.1\r\nHost: cdn.segment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 740\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Wed, 11 Mar 2026 12:57:50 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: yfbKbHax_b7IMEA1WXjd47PBRdK3ZaCC\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 30 Mar 2026 00:17:31 GMT\r\ncache-control: public, max-age=120\r\netag: \"183e77df6417b705a7c0881bc6eed4ce\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: R-20a1rFI0BBEkz0-5ct5ga7PPcvtte_tH2FdCZqaFvjLw32BkMKhA==\r\nage: 41\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":740,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"183e77df6417b705a7c0881bc6eed4ce","sha1":"d3ddf81f8b2d425f75fbb248ae561cd60032c28a","sha256":"caf3577f1a9c90c6793784c2e72dde2cac1cb1ae6e454cd01af808ae90b1bbbd","sha512":"b082c0c9f92685517414ab95bd281be3dfd20a6e2e2ddfb48950906dc417c08d2b3321cc5b1029f1973aff44e4bfb87686739ce16860a640f8e0a3dd104382d7","ssdeep":"","tlshash":"eb01c0cc3410b1b78d4ecb23c9193d037ef58879188a653454be5b4c00ba9ad039ada7","first_seen":"2026-03-21T17:26:39.639761Z","last_seen":"2026-04-11T18:43:32.371083Z","times_seen":21,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":12,"dns":1,"connect":1,"send":0,"wait":25,"receive":1,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/4/8217.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/4/8217.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:20 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":984,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"0b9510547ab6dcd8875eea2b4b4adfb5","sha1":"0ac9a304567b528e3c67308062a3d050d9f38239","sha256":"d9640c543df2c985e0b094ef7ac0504330f303343c7ea435fd6a1d334ef34e5c","sha512":"3cce9cd6a8d194baf358b591ca67ba351fbf2b72e4358d59b5ad4c759aa1cb4aca67051cb614ecf0fe9f3d8c0fb141b13bf6d3557a576db4babcc30701d05715","ssdeep":"","tlshash":"3111c8e14d8cc595dc5e28733e21ec20d12b328e74c1640a257952945cc5d90a991fd0","first_seen":"2024-08-20T06:40:29.305422Z","last_seen":"2026-05-15T13:39:51.764923Z","times_seen":27,"resource_available":false,"data":null}},"time_used":6589,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6589,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/pageBuilder/pageBuilderCssConfig.json?v=1774830000000","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /pageBuilder/pageBuilderCssConfig.json?v=1774830000000 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: MISS\r\naccess-control-allow-origin: *\r\netag: W/\"115-/4ZOdO5b3KpOnXEwZOyebX8afDM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":277,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b840efc6276e4fd17616273698453549","sha1":"ff864e74ee5bdcaa4e9d713064ec9e6d7f1a7c33","sha256":"01976b4e4832d5fbf632314e6b12424691dce201138109710061a398178dad89","sha512":"35bb7dc6b4e44da9f15700eeebe04d122ddfdf41af0834f0329169c0fd98d3a9de79ca9c879d92f1727985ca07ad519870af961ba75a865a898cdc2d5035fd6c","ssdeep":"","tlshash":"c0d02b119679cf52235a51b2028becc1641bf207118086896485e2bd70c96581993f24","first_seen":"2025-12-24T22:39:16.255341Z","last_seen":"2026-04-04T19:51:35.016652Z","times_seen":24,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":634,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/min-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/min-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: W/\"af9830eef563b4df395870a483ce549c\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 402864\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6988138be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36092,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36049)","md5":"af9830eef563b4df395870a483ce549c","sha1":"2c678a245c7b8984569447c9bbfe182583ef7e56","sha256":"5d919993a3fe6ec4c27ec6696b643900c02b95584a4a21a518eb8809edf12531","sha512":"16416617f0c79b40d196c1a7df699f1e01a130e3df75a4f437b4adfc04fa666ac7987d080bbfe759b849bd81860e6bab5b2af02356a8814f0dd1fa9a64b726d4","ssdeep":"384:uTTacuVZNgxYe4fbgL3w23U3xi7vxEbXR+ziLwH0Lg26/tFTiBB6TX3DYC8:yeyna+ziLwH0Lg261F2BBCX3DZ8","tlshash":"47f2bef1f4b700c8b363c122c3d5f67c6459b770ca86ce92f427666c49e16a63581abc","first_seen":"2025-05-21T12:18:34.219676Z","last_seen":"2026-06-08T19:38:41.258102Z","times_seen":43651,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/VideoBingo.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/VideoBingo.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=bkhWI6b1pdcxz7RiB8d8GXIQueFYW4FHN.F6t11D54g-1774829887.3761232-1.0.1.1-ssjzE7DKybX0e1Bxn1fPjkcjHseioc2WTLpXbEEUheb8AM2O_oG11atnc8Vgww2mGmxa1_OjVYGwY6rd1GY8Y64yMLKDsEZBYLJaYgmQbwVErD4wSfjlqeAMZKyUPxO9; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vodokaJaOYoAQMl5QZJ4Q8RkVW9EMvxsjeQKSIje4NMRh4cG8YvrwjYTw0L0FHC01KgScDUFLErdCc%2BASrD3GLQYEwqzAG%2B4OFXko24MSUPylSm6cXAhBenQz7%2Fhw7VNoP1ZDXBaRAk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627129-7c7\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b5fb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1991,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cbae8aa582bac1aa011b5159e475a38f","sha1":"0d140fc00b303fd23250218e03c28ccf986a39c7","sha256":"dcd44096973914fc9f8fdeb79a3dc5379403c3d1411854e634ab7fe444578271","sha512":"05e2c75c337a1fad9f895fa0b1635725d1681e774084ed34084444508df8dc8501c01644b19ab4f9a948c1e5b6621fd67df4fec41eaaeaf187d1a9e90c58244b","ssdeep":"","tlshash":"e24133d5e7b0a6ac2ccca59d6f2148d7350ae0bf6db36a5ce22edc580b53e1c0611c99","first_seen":"2025-09-19T18:19:26.310809Z","last_seen":"2026-06-08T11:36:24.299552Z","times_seen":76,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FastTrackTracking-sSvnyG2s.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FastTrackTracking-sSvnyG2s.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"52a-bKkI8Ery79ZT24i+dLBWxElm5co\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1322,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1321)","md5":"e9270e8ad7d9ea7366da998ab93ec1dd","sha1":"6ca908f04af2efd653db88be74b056c44966e5ca","sha256":"e4b2bc99d3a76fd43d49399a1eb7aa909ba62d7092203f95c0ca06444107205b","sha512":"7eac93d0925219e4b626f1dab4918692c02c76d318b327572473ca8c11b7bbedba9179b68e71f8593fa316fe179555e690c896e11a27cccd2a35794f2d0c5011","ssdeep":"","tlshash":"3921534e50d543a478804e8da3d7a261a57e5971711ec4e1f0770bbd2e0ca6983dac97","first_seen":"2026-03-28T16:05:39.606783Z","last_seen":"2026-03-30T02:15:03.265615Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/userJWE-CvawXlgF.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/userJWE-CvawXlgF.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"c1-rbQRPC/rvvmzqaqXML1fxZbueQg\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"7a4eecb04a9e0fc7776ee56f4a05d7cc","sha1":"adb4113c2febbef9b3a9aa9730bd5fc596ee7908","sha256":"cd3736d732f8431de955d36348ab83aa520e212b54b62c7feb1471a9cb00e95d","sha512":"1555ae9fe9e71a92ead50dcdeabacc62d763744cddae2b2260db151c6c16ca8d1f5b1c3133be8c9ca72c784b22f67b4d03c2e42f4ab52e1423a1f797fdcd2a1f","ssdeep":"","tlshash":"3ec0c0db0cc411f7c5582c40100adc1392303d1463d9d341af1883fa7e5100ff20cb20","first_seen":"2026-03-28T16:05:39.46777Z","last_seen":"2026-03-30T02:15:03.141885Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useOpenLiveChat-ouw1dXXi.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/useOpenLiveChat-ouw1dXXi.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"247-mdNPj0OZrRw2WcUgjZVT60W0FiM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"5ed14b0ee49217c54464d186f0ee1dcd","sha1":"99d34f8f4399ad1c3659c5208d9553eb45b41623","sha256":"4946c8527ecfafc0f5fb9252c65cbc03495e63453e4d83d763d0519727253ef9","sha512":"c99c121d3adf186d95e8a1bd515548c3f5b65a33b34be9203f3bd377e2ce3a756490597a98781cfc9096813ac19f25c3e768a7701367e7752e188cf43a606647","ssdeep":"","tlshash":"bef0e1db42948e7cc1c0cfc1515fe5f46b381aa4700dd841b83f2cd95824c0443bada7","first_seen":"2026-03-28T16:05:39.420314Z","last_seen":"2026-03-30T02:15:03.163796Z","times_seen":8,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/LiveChatInc-BKOBRr3D.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/LiveChatInc-BKOBRr3D.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"b68-mHawEjW/j0drh3nSIpQtc+ENbfA\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2920,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2919)","md5":"b756d4d1f92e579f1317bf579d849632","sha1":"9876b01235bf8f476b8779d222942d73e10d6df0","sha256":"2509fd9b431b75989acc83f49124dddde3690706feb30f2d747f446832919e1b","sha512":"9ab55631d639d1e6304b524665aa04838e15174e3accb35d92a4273327cfc92e158e97c3e0562338280fa52de60b3cc69c64616caec229e811057bf695bf7387","ssdeep":"","tlshash":"b25133eec43cb4b092ae67d1323f7b5f711a571a94008d31656c4b1af62e4cbc463aca","first_seen":"2026-03-28T16:05:39.498935Z","last_seen":"2026-03-30T02:15:03.209908Z","times_seen":8,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_3f96ba40c0c8a9eba21d312f9bf76bfb.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_3f96ba40c0c8a9eba21d312f9bf76bfb.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 198084\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 11:25:33 GMT\r\npriority: u=4,i=?0\r\netag: \"69a816ad-305c4\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=uRI03m4eYxWsvHxoJtDraI7lIZ10IGrkkpm5VPBFhBs-1774829888.287143-1.0.1.1-AHcio3EO86mQC3vmW9SU7ngBCpiIvvlWL7c5g3fEzyzOMla3zemF5zIKEKZZGltBAHSbFs_0qzZwpBkcPDElXZjL4XujLCKytaP80gnprjlRrXZpi_EyBFtv9GUx3YaR; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ULM9C0JcX0cPmiDQKg%2B95nRRy0bS38H5wtWg%2FL9fLSEDAXnfPgOaoIevQjggV6e5vfsaeE%2BKqBuqM8gM3FGoZ9pmLv0enj661FbYI2rpKNLi8ZEOXUFRViJsbWxsv54E1RF5EIyASsw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef71c83d5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":198084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"534226ba130483daee968d59d4a0cab2","sha1":"98e56035c07c10c0a16d2f0f807f9be449f37411","sha256":"a595a85601ecadaefebd666ed59c0dc32e3ecfa62d58d29062a14d3005dc118d","sha512":"e1be1e5ec69e241db8b6cccf940bd534490d308720f9bb603da9dc7a5460f8ad36a1788293ace6601f1b770be1b9aeca3d450bdbd3c948ea3828c65e8ba73946","ssdeep":"3072:1zvqXom3kjjTCO63n72UbIzrWHQAYbab05u6Dbv9pVed1tZpYEglW7kb:1zvZPC3atnQQ97NDL9XYYLVb","tlshash":"fb142366e2a013f25e7137393e18d3f3951aa77dfc23b748184152f0a61b1e6b691cb8","first_seen":"2026-03-28T16:05:39.425768Z","last_seen":"2026-03-30T02:15:03.126323Z","times_seen":8,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_c2798e3c84b9cdb7f38468addd0d2cf3.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_c2798e3c84b9cdb7f38468addd0d2cf3.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 41468\r\nserver: cloudflare\r\nlast-modified: Tue, 30 Sep 2025 10:15:35 GMT\r\npriority: u=4,i=?0\r\netag: \"68dbadc7-a1fc\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=qhGnxfj0iCCsMb_kd52bpMal_IAGYre5mtTTP8aAs3c-1774829888.4698734-1.0.1.1-vtfzT8WtcKIxCXn3wZ1ZaqAyw7.x9gvIrXe2y0UAdeEiidB4ka6F4HLzKbYwoP4kX87y8320dGBMcFTxyxTu.d7K1iqX8jPi8VCMu5d5vJV_3Sc.E.MTv7LKR.29IrHd; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mUu8ziCjPGOuYFqj2w0p9ZpzzZrss%2Fgglexo9wkMgdEJEbkbC6bz%2BeB4n77T4WkaYz6Ht%2Fy7o0en93hakq2RJh30Cg%2Fao7SjmKVOPC6O07g71qbff9fQn6ptvo3OXH0HBB2YR1c8BUk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef72e8935687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41468,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"73cc0bbb436e26b9b598c9e48ec14826","sha1":"9fa3cc5ab9ac1a70c8c28e384ce695bd2904fada","sha256":"fa1c9533908deb22f89990a240a1c0ac2aa61a5a33e8faffc1dc0475e33c639e","sha512":"195f91ab33d65511b31e95308c95b79a5c097f78a0bbe4a99e081a5704085fe8fcc601ae0d0adcb0a439b0a9bc326f597d62e31c26eb359a610f474a41aaf2f8","ssdeep":"768:EeFn2FhdX/7CJjYdDHjp/VvUlF9791MUC2Fon7y+sHuwQn2iCP2TqbyTu:i/ajqTv8lF95+fTou7CEWF","tlshash":"5013011dde495ba80772339c878fee86d0924aaede24852b18ff112997047ec43af594","first_seen":"2026-02-24T14:23:51.089025Z","last_seen":"2026-06-06T23:43:56.054142Z","times_seen":53,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DisabledMarketEvent-PQcjEpks.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-PQcjEpks.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"a9d-zzKVtecGiFVZtGyjA1kTtjJEAnE\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2717,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2716)","md5":"b245926e1ff60383c327a303aea22c89","sha1":"cf3295b5e706885559b46ca3035913b632440271","sha256":"238373733a1f30665cef616522170ef379b7211d953a8ea2a3a4e498729de4c1","sha512":"9c418152bc8d65bd49c3edd01dd4083d260d591c8bc653f61417ac683256f509abac0ab31262eff233e8b97cce1235a5bb61e8d309daa67efa879f5cecdb5699","ssdeep":"","tlshash":"e451736db290fa3c993604dcd27f1f1b701916a1da660592e0be4d38154c09e35aefea","first_seen":"2026-03-28T16:05:39.552659Z","last_seen":"2026-03-30T02:15:03.141193Z","times_seen":8,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-BPfjku9q.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-BPfjku9q.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"b6b-kncpGZZTmgFvJf6LY3WBYRCk3m8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"398568143e29b91d01a39cb130b59bf4","sha1":"9277291996539a016f25fe8b6375816110a4de6f","sha256":"1ebb7de2c487c9cac381d172e2f976282ffee405357432cb4d33c82ced2c3a86","sha512":"a233095558707aac2418e3d7b692523b8bb9af5e7c480c1f0c72d425bf41abcc9a8b676af86cb605977e92ff9a00cd0c28c6755d0de0d9a1928a5266c13c2125","ssdeep":"","tlshash":"d55151c7a042e7f4bfe708e6429b10b074374d5cfe1b44a092be58964958752e35bf4d","first_seen":"2026-03-28T16:05:39.532641Z","last_seen":"2026-03-30T02:15:03.14624Z","times_seen":8,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/td?id=GTM-WL4QZ2GQ\u0026v=3\u0026t=t\u0026pid=2010539405\u0026gtm=45He63p1v9206923954za200zd9206923954\u0026seq=1\u0026exp=0~115938465~115938469~116991817~117384405~117484252\u0026dl=gallabet1066.com%2Ftr%2F\u0026tdp=GTM-WL4QZ2GQ;206923954;0;0;0\u0026frm=0\u0026bt=0\u0026ct=3\u0026jsp=1\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:15 GMT","end":"Mon, 01 Jun 2026 08:36:14 GMT"},"fingerprint":{"sha1":"58:CB:88:A1:C4:55:4E:E5:46:DC:A0:9C:B3:54:25:79:20:1E:E8:09","sha256":"0B:B5:96:A2:57:57:EC:BA:63:14:8A:AF:4C:C2:32:63:18:8B:75:80:8F:78:1D:1F:5B:00:B7:B3:7E:C9:B7:18"}}},"request":{"raw":"GET /td?id=GTM-WL4QZ2GQ\u0026v=3\u0026t=t\u0026pid=2010539405\u0026gtm=45He63p1v9206923954za200zd9206923954\u0026seq=1\u0026exp=0~115938465~115938469~116991817~117384405~117484252\u0026dl=gallabet1066.com%2Ftr%2F\u0026tdp=GTM-WL4QZ2GQ;206923954;0;0;0\u0026frm=0\u0026bt=0\u0026ct=3\u0026jsp=1\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 30 Mar 2026 00:18:11 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:46:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgtc:46:0\r\nreport-to: {\"group\":\"ascnsrsgtc:46:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:46:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/WagmiConf-B3PbL1Lw.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"18a72-ACSPkA2lfvWJkHCVTUjvyICqh+w\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100978,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48214)","md5":"2a80458f958682aaf13b3101ac1521ca","sha1":"00248f900da57ef5899070954d48efc880aa87ec","sha256":"eb45d373608b9d08974cbf6d1056e66864cbd70882223b92dfec7bc972b58e0d","sha512":"0e07286342d917656ce8febc219f324b9161cb99c0a203d6f3c1ab17f419b876cb03745cc42803f43bb10a0a68b665c986231cc266b7c6777757d1c5b9aace37","ssdeep":"1536:h2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPGAV:YCaSlx5xG7NU+WEy1bPJv1K/XGd","tlshash":"fba34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-03-28T16:05:39.390509Z","last_seen":"2026-03-30T02:15:03.158668Z","times_seen":8,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DNnDxRHk.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-DNnDxRHk.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"35fd8-kIKr0gSwKViFyq3q0SVk32sWDfM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":221144,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37523)","md5":"36ac1b2ed92a19d8c1c2d0229d27d42f","sha1":"9082abd204b0295885caadead12564df6b160df3","sha256":"8a37d1f12dd355f610202541aa0339600aef47c849708387f23f4082d54cf345","sha512":"5ee404802d19854b1131a6b7748908176321997ec472619560be9c1e9ebc12a93ed2a7e90d547b26a221fca5552e91c47abdbe5dfd0c6e4a21e1dff828266db3","ssdeep":"6144:MfeL9y0h4R78o8e4YfIALoh6wj9Sd51jjVvFazIRcDGRD6On:MmJy0h4R78o8e4YQ/j9e5xazIFROQ","tlshash":"f3240ac4b274b0b556e59494502b1201f1347c56b00d80e8b6bd9dff7faa88d92eef3a","first_seen":"2026-03-28T16:05:39.497603Z","last_seen":"2026-03-30T02:15:03.214085Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/___vite-browser-external_commonjs-proxy-C-V_74Qv.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/___vite-browser-external_commonjs-proxy-C-V_74Qv.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"b2-3ZEQmh6X0bibLFQlubxxE0mQ8/Q\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":178,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"bcdd2299304276bd8102d55b18afba70","sha1":"dd91109a1e97d1b89b2c5425b9bc71134990f3f4","sha256":"47b3f6446d936b20a76a2f4db59aae540ee5f59c3becac560f5c86b7de445a8b","sha512":"ca7c4e86bf14573c3691da6d053e9c9235191c7f3dd49956f98c200128bb70c1afaf1fc7ce7dde54c658b8c63f8eb691d3ca37dfca2cbcc556cc0296d568d585","ssdeep":"","tlshash":"c5c080491a94dcb052471d8286159403d58c4d6d73f4f5e0fb088d71020558b62b8f57","first_seen":"2026-03-28T16:05:39.52126Z","last_seen":"2026-03-30T02:15:03.147521Z","times_seen":8,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GoogleAnalyticsTracking-XfS-t3v-.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-XfS-t3v-.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"3588-mo66QpwFUMNkl/O+ZfXUO/GYR5Q\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13704,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10208)","md5":"6778172e064a8f5e326ca0e9470a5158","sha1":"9a8eba429c0550c36497f3be65f5d43bf1984794","sha256":"1f1614773c7d90ad19e37324462180bd8efe2952be950c3f5d62ca68c9067e39","sha512":"8db856e9fff27df937c2d60cd22d95f3cb98ad2fa89976c297ffdce075647b52c06d32d98273ee35ee63033387343d06acce4a069972974827eefdc2e44cab25","ssdeep":"192:HWYceR0SE+m/CTb3bHXCT76hoxGE0VK7D6L7kBNrnPWh52Lz2PM7mBE:2YcoE/CzCIEP3Byy2PdBE","tlshash":"3852b55c32adb0b682df6054487f720bf1755910a458f480a265edf46ef8caf02abf36","first_seen":"2026-03-28T16:05:39.414374Z","last_seen":"2026-03-30T02:15:03.148843Z","times_seen":8,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DepositCountTracking-BPbMtZMQ.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/DepositCountTracking-BPbMtZMQ.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"285-MLPq6THnKJanTseRWfOFZ69fqL0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"4f72be59fee316e116a7779e14bedef0","sha1":"30b3eae931e72896a74ec79159f38567af5fa8bd","sha256":"94c6db9a68566789952d6cf2d49611c60e2d357b6cd92631d910a4c02c1c0630","sha512":"6800e85fd482a755881dca2d86fe733dbc0f3ce9dd994c50ab54c3670284bd1090e1a2748bb6bf314ff4bf1f952d9bb3efb6b10acd681231b83a20b28b562769","ssdeep":"","tlshash":"c4f0029728b8d2f589493a8072c7a8f373f1791cb907c4c785bd4d56020d406e5cce2b","first_seen":"2026-03-28T16:05:39.535611Z","last_seen":"2026-03-30T02:15:03.186913Z","times_seen":8,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DataspotTracking-C_baP2Ds.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/DataspotTracking-C_baP2Ds.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1fe6-OUlbe7X1+bfv8XMEyCr073G7Xjk\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8166,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8165)","md5":"75a1c183e0f0a28fd5c2cb66023a8eb2","sha1":"39495b7bb5f5f9b7eff17304c82af4ef71bb5e39","sha256":"b41c2e5c60e2c45827134e035c32cdc98b14af5a4d50251dc7e16d0cc811b739","sha512":"81cec4eeb68b02640a94e2d002400ed517caf7f83efbf755f6aaaad0b539a2f683aed0c1285a490307991192b1db274b7382f4cec1c8923291244e2c6eccc358","ssdeep":"192:0DwuqOQcaXEibcCOi1Kb0cHHnBxCHynNvuvXvqvxuhqVeDt8V7uS:ARqOQcaXEinAxCHyn5Q/0gh8k8xuS","tlshash":"8cf10655641e68bc7033c6ad0d5721a244387051e2329de076aacf6a9e3d9c28ff77cb","first_seen":"2026-03-28T16:05:39.491245Z","last_seen":"2026-03-30T02:15:03.149918Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/jackpot-jNbP6Duk.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"178-HTAHDn0O0IONuuIsgcQUMPs9DUU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (375)","md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-06-07T06:35:51.65736Z","times_seen":99,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoJackpotPools-CM3pNZyw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoJackpotPools-CM3pNZyw.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"371-oxzlyBSKGaVyggS0QS467i1Ygvw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":881,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (880)","md5":"b8be1bcea05cdd8b8f974b23d61fc755","sha1":"a31ce5c8148a19a5728204b4412e3aee2d5882fc","sha256":"992e4328c4dd3f32373bd921d575e92f793590a3d9e16d532ed5f4cd92b97f4c","sha512":"13566cb8c8d9623cc0bc14b7d32fe3b60da33b7acf45688af2e0ff9a32c1f20bf8cfd4ed506d76a94d1c8cfdd53716e4864f449813e3a5bcdcd77a09e3f5564e","ssdeep":"","tlshash":"ab11c08bb02af3f4d88c5ce140a5555b073e2f65f72181c4986c57785b2685af5a87c2","first_seen":"2026-03-28T16:05:39.481039Z","last_seen":"2026-03-30T02:15:03.191923Z","times_seen":8,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-main.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 82\r\nx-content-type-options: nosniff\r\ncf-cache-status: HIT\r\netag: W/\"da5bb1dc647470204df0e49f5afac2de\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6119653181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-08T19:38:41.30349Z","times_seen":85467,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/JackpotMania.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/JackpotMania.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:26 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=rwN5g3UZzwMfv707VOWpK.reztRp69VrnafDnmBTSYA-1774829887.4031522-1.0.1.1-9POAXXGOYAzw4uY.RevNSdx1eeQpu4bJ1pgk8u5fFSIm7EVGkaRFpKLA8llGrNihiQJNUUkckdu5kBAP_w63ZGnGid4M4GmiiiuJq5fNzge6D5jkbYsTzORUBFmirzxF; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0lUc5uVWnAEBDJjZrpEJI3HL%2B52DAl6RHGZMR2w534lfPLc%2F3962WSQZBPDde9B1bPHJjmoX0MGA%2FQqwSz4qvDrg7cP%2BBlUwh4RiZ%2B7hRprGWHn1oI8wpUjOx1BD0IwASqyXOFbaumg%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270a2-1796\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c4b7ab509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6038,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"829680ca0f2f9d1f5faae192e8e40d75","sha1":"cb4c7ee7795a21eddbe36de36ff6c2e16e5f87cc","sha256":"05bca82b332ce5b8d3ab2c1e26331babd5f33d3ba924bf3e2b63b7fe44f8ed79","sha512":"173fad7120aeaf6cb2f7fb730a95b9af4587cb8804d09fd8a506e5eda8eeaa02d828a05e4c4e34bcc56f542e68abe6443792c891cfc8f2eebea59e21388b7a90","ssdeep":"96:NqjNrGLUu6fBaLQk9p0ZG7mi47U8/UA+5pRxq8uK/DUUt2TEojLdK7HiBe4I4erG:YprGYdqQkQE7mAQUv5p3q+DUU0Xqio3a","tlshash":"aec145fafb75a0f96ec753cadf223e3d79495d3d9e618794512e9a8907439c803018d0","first_seen":"2025-10-24T05:32:28.41634Z","last_seen":"2026-06-08T11:36:24.209341Z","times_seen":49,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":60,"dns":5,"connect":6,"send":0,"wait":81,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_0f3607b9dd42e47b163229d4d39edb89.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_0f3607b9dd42e47b163229d4d39edb89.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 152802\r\nserver: cloudflare\r\nlast-modified: Sat, 28 Mar 2026 12:13:50 GMT\r\npriority: u=4,i=?0\r\netag: \"69c7c5fe-254e2\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=G4v74a61EGqkFeWjx_tkKIxYpmFkESRMVxXGoGWh96g-1774829888.4698818-1.0.1.1-HzO2bs.mrpr1ay0wldu9KJBmCXvSp3fntKFgAKPhWzwJkoO6HVyxtS0noYJioY1yk2I.UQ0NY2iFopXMx1Bn9HBm7rs9v2I2iOaX7P2OcC5GT.8t0lP9Si4oBT1QvV.I; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7R1ZX78RucVDfq2IlO52V8Ha5UM8wnRIhbFn1idich9j%2B9qwVf%2FDnES5cd2MBDiOuNpS%2BALHrBbW2eH0k1YS%2F84lm2E1%2Bm3c6smhi3w%2Fk5VX23xCnICA%2FS0jJeQEd2T5ejT%2F5gnez%2Bc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef72e8915687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152802,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"395a4bd46ba06dda5e48e887d1c05181","sha1":"94031c5830bdf8a2c1f5b6b369ee437835a7d268","sha256":"28d8184b763f698eb1d83167bff73c7569e334197459e6779f014e2be3c1317c","sha512":"143a1c26c66d2f5257110510426fa4e9b91956ab714579698fac6076f103c486f4ddfd80a43d2e7d984c09f1805843cab4d8eca268a99f33304f8e49f9044d66","ssdeep":"3072:sAF4GMBBLorxlsXFyOYbOyHu/fingajpJwoHBSaRj:sAy2xlJd2inFXwCBrj","tlshash":"33e323c39e9b829bd406fd3df8928b525d407a16d7510948080b7fa12708eb68bff5cb","first_seen":"2026-03-28T16:05:39.533766Z","last_seen":"2026-03-30T02:15:03.242053Z","times_seen":8,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/b5d9410aab1bc4cd08124ec47c700cbf_casinoGameIcon3.gif","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/b5d9410aab1bc4cd08124ec47c700cbf_casinoGameIcon3.gif HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1162819\r\nserver: cloudflare\r\nlast-modified: Fri, 06 Sep 2024 11:50:41 GMT\r\npriority: u=4,i=?0\r\netag: \"66daec91-11be43\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=OS0.rC9az.KnII1FflUitJGzLmRnmJRIusPIMlcXUTw-1774829888.496062-1.0.1.1-eeKH.WroIO18gsTG22wC8j0YUbJN2xkuLMf7XH70SI8iBygkvIpk5wT2VX7PghkSsUE_EwOdmjzS_bInmI660AgDPigIyLu9sFixRtalt7Y85iBh7nRCZSwc88JHebCg; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hdy7PcJZfsOdGIXvrKKTwshKC%2FKqCYF9J0JiPuBb7M%2BwBmJ3BW7bJ59mxrD95cucQn%2BUWhRFer7ehNBx7KHzDa8ndO1VPx3FHwkdZQ7PLgBcFhSh4d3mS%2FByOA8X79yQQp%2FgYJQNnPQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7318aa5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1162819,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 440 x 310","md5":"4aed298e38b979019623495b22ceed2f","sha1":"b42b731382f6b1cffdf8d7630e0bbc13669e6c5b","sha256":"b97b23aa74273aa169294d24ea142f6bfa8e8c5688e7de9aebaf4b00606bf663","sha512":"be3dc4fd96cddc7b5182640b227b71a18bd86e4687e3562514fd9184514749ea206b4c4432951bf8c580ca6680db3c88add9dad601beee016a0c0fd2dd7e3094","ssdeep":"24576:ddj96l4AIk6BjhbleHGa4dewklh3eVECKbt7slqHpiFydf:df66AI8v4dewklpeVkbtD7f","tlshash":"aa25232b9f265c391fe244b879131da85a5e5f1d04c30171bb633af3b009b74b68a9bd","first_seen":"2025-12-24T22:39:16.33874Z","last_seen":"2026-06-06T23:43:56.089489Z","times_seen":22,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":361,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 628\r\ncf-ray: 9e42ef74ab735ebd-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfaRKjj98wG78-Q94g8ciN3whHfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-bgj: imgq:86,h2pri\r\ncf-images: internal=ok/- q=0 n=1019+1 c=0+1 v=2025.6.1 l=628 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":628,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"07a8ca43077147f4b93899efbe31ed8d","sha1":"bb87180866adc635991e4867c8222fc4387331ba","sha256":"b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89","sha512":"6d9a2235c65c224e78bd78025eacb630cca9bc9c4a838fd540de031cca2e8c442460eae186359cb98dcb1f1eb867414c6b5b77c78a2f3e1be6f6f36b254111c4","ssdeep":"","tlshash":"90f062be0d21c29ae04842881a0c6c5da472a9b9fb4424c4eaa5f7a67c0319433a54b0","first_seen":"2024-06-15T18:00:08Z","last_seen":"2026-06-08T18:05:25.252562Z","times_seen":2280,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/131/262537.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/131/262537.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":947,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"17c8d42183a98fbe6b587c30341d4e7c","sha1":"82ecff5793dde73cc190801d9eb52ba4cc8af3da","sha256":"abc5782bac0f494c517a7513e0b0b6cda572896ed6fb38bea6688213d9567250","sha512":"e8b261523d3b2fe0d3f57e84193b46e4b62d921907cfa5c7fab7cb4889b53b5649975bec9746e21471936a5db0959ce0e69a84ef9da7e159a3c6efd7fc7ccb37","ssdeep":"","tlshash":"6f11c877a90b5edefae4036d14c1bf4003757ae913d0bcb4f51288e507a9c94a1ae940","first_seen":"2026-03-28T16:05:39.476321Z","last_seen":"2026-04-29T13:47:02.881548Z","times_seen":13,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/favicon.ico?version=1774356635818","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /favicon.ico?version=1774356635818 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=1774829886481; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\nx-powered-by: Express\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getInjectedListings?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-ray: 9e42ef7198285ebd-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 82\r\ncache-control: public, max-age=2592000, s-maxage=86400\r\nlast-modified: Mon, 30 Mar 2026 00:16:46 GMT\r\nserver: cloudflare\r\nx-robots-tag: noindex\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":441667,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"71184e0f485ada18e6155d202ef001d9","sha1":"9052f2ccc97ed673320d908eb63defd380087a2a","sha256":"1b289dddb3a449627f12e07d37d45d63eef442a63d972c3388770752b4214c79","sha512":"567e9d4f92062eac3eefcca2f0dccbddd5bbbae42856769a3d0c7f50af52aa057f563182e24d09572868724e0425382f3405a985fa3d43d80b75a7c99e562be6","ssdeep":"3072:bnRMpaIBoZbVITZZYA5drAdZ7GlAMIDl3g4Wcmvu7IHkGOQkDWgkV:LSrBGVIL74WHu7WOQVV","tlshash":"359444bb8f848f5b1b280bc9212d3d6c999e298bcbc55df6f1c0cf1844f4ab92315566","first_seen":"2026-03-24T22:09:39.296391Z","last_seen":"2026-03-31T18:10:24.454576Z","times_seen":23,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":9,"dns":1,"connect":1,"send":0,"wait":61,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__config.js?v=1774829636362","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:04.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__config.js?v=1774829636362 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: no-cache, no-store\r\netag: W/\"118-QpqG5SHj6Nj3G15pDZzCh4XcvGE\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":280,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"f2297f3087c45c5a7f4f6cf3b39ec5b5","sha1":"429a86e521e3e8d8f71b5e690d9cc28785dcbc61","sha256":"bc682e1d5fd213f2c047447eb35ad4d7b08df65d95f98e85eecafa59b255935d","sha512":"bbe09e6da8dc8b67d9ff376309990f31c5058aa7bf5278cf4d8014da22ac86964c60dd7c84cb186842652514910a56078e028373d4462d5ec6bbe8c4fb6a03b4","ssdeep":"","tlshash":"30d0c220e95408b60329251a54061603751ac0cf095dbd1632d0086cdf4972f4ef39ba","first_seen":"2026-03-30T00:17:55.425516Z","last_seen":"2026-04-14T17:04:19.93023Z","times_seen":9,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/WagmiConf-B3PbL1Lw.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=1774829886763; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"18a72-ACSPkA2lfvWJkHCVTUjvyICqh+w\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":100978,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48214)","md5":"2a80458f958682aaf13b3101ac1521ca","sha1":"00248f900da57ef5899070954d48efc880aa87ec","sha256":"eb45d373608b9d08974cbf6d1056e66864cbd70882223b92dfec7bc972b58e0d","sha512":"0e07286342d917656ce8febc219f324b9161cb99c0a203d6f3c1ab17f419b876cb03745cc42803f43bb10a0a68b665c986231cc266b7c6777757d1c5b9aace37","ssdeep":"1536:h2Caz/SCdwD7ZajZlO7jMMDWOx6uxG7k8UhVxSuS7XUF3waGBfGYBgEytq2bPGAV:YCaSlx5xG7NU+WEy1bPJv1K/XGd","tlshash":"fba34ad07196b46103a74ae008bf440bf239ac34200e565cf269ecde79b96e99277f7d","first_seen":"2026-03-28T16:05:39.390509Z","last_seen":"2026-03-30T02:15:03.158668Z","times_seen":8,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 08 Feb 2026 19:47:04 GMT","end":"Sat, 09 May 2026 20:45:41 GMT"},"fingerprint":{"sha1":"5F:A1:45:1D:4B:B7:61:A8:B4:5F:25:27:8B:2E:35:9F:B2:AE:4E:72","sha256":"80:69:5A:6E:C6:E7:5E:F3:BF:B1:27:9B:EC:BD:81:46:6D:C9:B0:59:00:CC:90:C4:6D:BC:45:CE:D4:38:E5:01"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fdysl%2F4VWHKF1AGwoVdhg1QOGVAil0PSHphCT32eE1G8HVtnnSnFMdXxvisT2DmQhlLxZzmzqpNgkZJmxuPMqXmNhW0yaX%2BaH0rcGp541P8asC2fZ9kv6hOMDYhoNjq%2B2ahGDaLp3kc%2B\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e42ef6bb894b518-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2821,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ed84599d293d187c97aa6f88754332ce","sha1":"f950f5294b5fa13bd1c3950e5cb28b1a2ee241fc","sha256":"599500c94c302ac02594dd87a6652eb51a9f45042f0fc5fc2bd2f3935f8fab81","sha512":"d94fbe4938b707b2595582d942cfd27ada4874b5be459851f77dc5371f705af81eada3ddc170697813c2657a8404f1303b8777279f716eef4ebe08fdce284cd7","ssdeep":"","tlshash":"71514f3646b21421436710683babf31ab23ad2433689e9447edd93005f85f68d9b3bde","first_seen":"2026-02-24T14:23:51.260409Z","last_seen":"2026-06-03T04:20:31.871571Z","times_seen":60,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":67,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/ButtonWithAction-Bt3bVpTR.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/ButtonWithAction-Bt3bVpTR.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"10b-n9SH5XGXzfPxdhJVis12VnQv5Mw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"7006a69511abcd67d8bd4d8fcd8c5ee4","sha1":"9fd487e57197cdf3f17612558acd7656742fe4cc","sha256":"f9d6b3b2bf48775f8aca0fe5b06e1701518e6257d9bcf41a9cfa9fc708153c2a","sha512":"6faa14f50166468de40c9c94ad65e0ff29640421114bd6366528c52795306cb71b18efa0cd4a1d604bbf5a9b5db9435fb609e761afcbf218d5c07b3cc356004b","ssdeep":"","tlshash":"52d0958f1441d2f603c5aa90511b811239255d60e7948451c04815b03f35d5dc15e737","first_seen":"2026-03-28T16:05:39.486745Z","last_seen":"2026-03-30T02:15:03.121373Z","times_seen":8,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/HorizontalSportsList-BPz81vbO.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/HorizontalSportsList-BPz81vbO.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1a6-BUomaKgriysRO6xgpel2KhhweM4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":422,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (421)","md5":"1f88a219cf0ebc5b46874e3a383aa7b2","sha1":"054a2668a82b8b2b113bac60a5e9762a187078ce","sha256":"e6f7b2217e27a9951b16e1fa5f46ba8901f4c7c35a071960756151442c5747f5","sha512":"b1a49bf38ce729459fa7180f26c0bcac1e91aed1f1eb7d20454f2161e828b6b1e28c6ff2d7b8861f13c4f4558172edebbe2f9ea6be44908c71cfb150e1ca81f8","ssdeep":"","tlshash":"2fe02bc198629ef46a1a88efa95c24847162087cef176660e29492581f7408bf76914e","first_seen":"2026-03-28T16:05:39.424659Z","last_seen":"2026-03-30T02:15:03.179737Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DisabledMarketEvent-PQcjEpks.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/DisabledMarketEvent-PQcjEpks.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"a9d-zzKVtecGiFVZtGyjA1kTtjJEAnE\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2717,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2716)","md5":"b245926e1ff60383c327a303aea22c89","sha1":"cf3295b5e706885559b46ca3035913b632440271","sha256":"238373733a1f30665cef616522170ef379b7211d953a8ea2a3a4e498729de4c1","sha512":"9c418152bc8d65bd49c3edd01dd4083d260d591c8bc653f61417ac683256f509abac0ab31262eff233e8b97cce1235a5bb61e8d309daa67efa879f5cecdb5699","ssdeep":"","tlshash":"e451736db290fa3c993604dcd27f1f1b701916a1da660592e0be4d38154c09e35aefea","first_seen":"2026-03-28T16:05:39.552659Z","last_seen":"2026-03-30T02:15:03.141193Z","times_seen":8,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_3f96ba40c0c8a9eba21d312f9bf76bfb.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_3f96ba40c0c8a9eba21d312f9bf76bfb.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 198084\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Mar 2026 11:25:33 GMT\r\npriority: u=4,i=?0\r\netag: \"69a816ad-305c4\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=iO5Z2wqqPpqXWQKe2TAvSuZR1XHjKja3EvEpgbRU2i0-1774829888.261434-1.0.1.1-AEJvPJA7s3aJ7uTfkqSpQTUgiWZ.vHd3nXTeykfjuFl7Aq9PHnACobQEocgCGdARMpmv0ggU53fKJ3nXkKmTblHFfL7m2J_goXt8AQqz4rR0nMkA1FGkpGyPrCPmfU9Q; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=js%2Bw81RNFTvouzcrzKWtRLxwZQUbjftSXZXbf2%2FGbZQBmpvz3jlprXJUj%2BJWSYnPsezoHZlV4J7Ah6QzoiYh%2BHI7B00sb1jC%2FRVOLERJnyRj55hJKeaUOAGdU%2FZPQorPxGnlWgNOesI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef71a8335687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":195099,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c94509cfd2c0baa999aefda22f4b2cee","sha1":"9e93280257e683c6a59cf0130de37c0b781b1773","sha256":"5bed67961f632f009d2ba538300203d669a05b651357a318eeb1fa0fddf93095","sha512":"1e5003943209b6227e570f3f791f3252d131d49bcf931de3d73a0897cc487730617bb5af521a89bc5396d7965ae392c9d3a5fb45a2ff8e9cb66c5c7b0f8529bb","ssdeep":"3072:1zvqXom3kjjTCO63n72UbIzrWHQAYbab05u6Dbv9pVed1tZpYEglWW:1zvZPC3atnQQ97NDL9XYYLD","tlshash":"8a142366e69013f25f31373a3a1cd3f3951a937df813f748184552b0a61b1a6b6a2cb8","first_seen":"2026-03-30T00:19:06.679672Z","last_seen":"2026-03-30T00:19:06.679672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/player-info.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/player-info.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:30 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=I4_nM9QpDXy76CNqsFgF00xinz6grlzj6qPM.6UzQ8k-1774829894.3108954-1.0.1.1-W4crwv_zt7rJqHmn0pJAE57Ei7ABIxI.RLixTOAPs0waKs4206oT9g5QBzgh1YwP.wHYQrcnYFqygg9ceSRJ6CvoXDXuPTUhdlYuFS8UFJQRWoYR1NcDAetN2HZdhiYl; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vJgHdLuWoOUaEUTnWkVms4xP7OtU6z3Ir%2Frc1qYEtBdcTF5fI2yS2zYXYb2ETH1MVznGZbAwirdz2VBXVGhnH4O%2B7a54Xn1vd%2BHBh4qHTVMyINaVf9HcsVSiM7QS%2B5wnsiNbXIaG%2Fc0%3D\"}]}\r\netag: W/\"686270e2-fc\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef977d8e5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":252,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"00c69a837dbf2437f1615a82b60d316f","sha1":"1b4bd1e192f12ce5981e7d205064a206bb9483fa","sha256":"8e094d84efd592ef377cf45fffc17cf592725e3df6ed2063350c8cfb71815011","sha512":"a066e0d2c2d7be38f57fcdb8f0124105119891282197a1a28fa5f4fff1f9a75398096b323afd25502ca0e603132b3c38e21ff84b18871674f5d4a1dd1f80578f","ssdeep":"","tlshash":"0bd05e29a070382c1eae186c853885f2910509ba06b00b35f54dab8e8b4b2282154c5c","first_seen":"2025-12-04T10:26:29.969581Z","last_seen":"2026-06-08T11:36:24.28411Z","times_seen":199,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FavoriteGamesContent-CiuAoX4I.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-CiuAoX4I.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"ae1-xQmdx1+JqNMqNQ2+ER86QmnfWoM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2785,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1707)","md5":"1c1fbe960c6af46770f31f974364c95a","sha1":"c5099dc75f89a8d32a350dbe111f3a4269df5a83","sha256":"2106b9535d3a8639be04578a9c8ebb498a3f07c848a834aacd58e411dddc981d","sha512":"97b1e193c606c567b7c99ca10a8600edd40d5314fd766e54ce54aae5486ef758b4fdd3290ed2ce58f10127c1bf9fcb3aab01c42b90a952b05cbb41d59a6cf75c","ssdeep":"","tlshash":"d751a50051415ff9bb8f9ed66e17d0a419b6074ca246c17da8785e3d341da007237ffa","first_seen":"2026-03-28T16:05:39.427402Z","last_seen":"2026-03-30T02:15:03.138643Z","times_seen":8,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_d74a4ebe29a311acd768d7a041714545.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_d74a4ebe29a311acd768d7a041714545.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30648\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:01:17 GMT\r\npriority: u=4,i=?0\r\netag: \"694014ad-77b8\"\r\nexpires: Sat, 04 Apr 2026 16:12:10 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 115558\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=DR3Zkit.PfS9AE416PR7RHk3Y_eYoWNq2CdPiUXg3_o-1774829889.0851495-1.0.1.1-nQsalFkWGJDGRd0fbiqbVF_lb0WtCSk1vif8SnV_lAnZgXBQ4azqqmTMjwYYMxN0gp3bplNPk2bnOP7GGCjM2lL_Q0pPwty6raMVQUFEPmiAfLzUDVs0JfoNt655DKDS; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rrzJxmbOEeVWnNEmtfypdxazuL%2B1%2B9ZM20i5RrW7TABWWrcEPpPFWMbQFW4uRn9VwU2oN4Bn%2FKyz1c2O45lkOZhXrANTDak%2Bnn6SVNy5z2uIYtjlAu%2BEPeYtrfG1JlQxoraQc81Wn7s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca3b5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30648,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7e44c769c8b50867b3c5a5f351efe25c","sha1":"13946ee2cd8c9ff6b74ce804ffc950b06d3b096e","sha256":"ba8112aeb4f696d5320c61972a04ed6a623bcab169a49bf3e4c15309c1b8e013","sha512":"26c9ce08f0b8b8059777d5dd806b09613006bc84cedc0ff3ee4b8c01e3e1b07f3a5e06a698ba2674a46128901ae5dfff43ba656124bb8a6ce9b135d6008fb378","ssdeep":"768:wj3t8z10BKltBMdANvhvUsEDcb4f92KK4cduloRN1YfSh2+:wjY10oVymvU9Dcb4fkN1Yfy2+","tlshash":"0dd2f1f45e14f4d273822d3b6783643b64a7c0ff2e9b5db1279a007d9e36859540e28e","first_seen":"2025-12-24T22:39:16.17862Z","last_seen":"2026-06-03T04:20:31.99561Z","times_seen":58,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":133,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/firebase-messaging-sw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:04.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /firebase-messaging-sw.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"465-gZ9gYVYk8CXRJW78QI2OV2qQnHs\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1125,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"44b92a7d10cb0970ced5798c2eb1b8ac","sha1":"819f60615624f025d1256efc408d8e576a909c7b","sha256":"a87215bfd90d96fb55335ce2b2411f38074588149c9e896505cb10b250e17e1e","sha512":"75c55da9e8afbd96b6219292c91fb88e01c15d20bafc974028763227220aa042f4b761895d44b0394baae53c225e9b0c109d2eca333aad6b382951a60448e8fe","ssdeep":"","tlshash":"5121cb124be2f8231e4104c7679f32186e290d2507b0f1de61bf56b86b0a57b206bbc5","first_seen":"2025-12-24T22:39:16.149326Z","last_seen":"2026-06-03T04:20:31.962446Z","times_seen":77,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/LiveChatAdviser-CdPTlBD4.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/LiveChatAdviser-CdPTlBD4.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"35e-reFE5QIg/I6GcyqIhRY1PIvOT5U\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"72dd7751d5241be75f878b8c2b8aed80","sha1":"ade144e50220fc8e86732a888516353c8bce4f95","sha256":"ee6723aededa76aafd64e561d0a2eb63a9bebe33b909815e5a36aceaf44da3c4","sha512":"87c9153c186438336b5718602a0ab46103346b48a12fecb6b04d25b7206307cc87ad41a8b893f27fa11fa021e23b5f1b4ece55199066db3cf96fd267225a33bc","ssdeep":"","tlshash":"29112fd6b0c2a3fd6667148dd79a6043300a4fa4c22d0dba807b15a01a2ce09a34efd4","first_seen":"2026-03-28T16:05:39.554024Z","last_seen":"2026-03-30T02:15:03.185401Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useNotificationsProvider-MUlWkG-w.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/useNotificationsProvider-MUlWkG-w.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"5c-GQdVWN0YNlpRf3dTYZi7yuvr/1E\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"eb992915ad7eb98f91d9d97accb0d0e2","sha1":"19075558dd18365a517f77536198bbcaebebff51","sha256":"c3e7a828f7f806e9743f7f728b72d6404c06e0106d2ef38b118102ee26fa13f7","sha512":"62e575156c52d9151978f1a3d3faffde78050f3feb1e3f175787572c823751a49cd95094bcf81e5b86d4782edce9fd847059a2f0d74456630c1984b4d8022649","ssdeep":"","tlshash":"04b01213044013f0210108dc11194c290e340c3c33428aa06030029815e4089c30ea12","first_seen":"2026-03-28T16:05:39.387326Z","last_seen":"2026-03-30T02:15:03.178022Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2652.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2652.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:21 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1175,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"10f10075eb7695a5c2668f372855da07","sha1":"5cc1ba1359dab63a774fde1def42c78a964caf09","sha256":"c65cf1eedbe828c762bdd4fcb14708ee36777d39ec086169ddf9d524312a6158","sha512":"9e2a5a6c0d69f089a5b73c9836632f876d24f863188f040c50b8e507d881f0840ff5c1865c991d9f0a9cb6c9227ab57f450aff512c045c5fc3d511c1c34229bf","ssdeep":"","tlshash":"2121072b3b885dc4db4426777c44c89021bb16fb2b40a2484239ca3c9d84b0c48ab8b5","first_seen":"2025-10-05T16:25:05.988023Z","last_seen":"2026-03-31T03:30:25.524051Z","times_seen":9,"resource_available":false,"data":null}},"time_used":7045,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7045,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-B4qfN096.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-B4qfN096.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"11442b-6gq8DvX4RWase/WrLSDHl/hgdVg\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1131563,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (25102)","md5":"d743a7cfff362640fcd65a7646bf2c13","sha1":"a8249e493177449f7d994b6c628ab5260e3b3df1","sha256":"bb5ea860befacd0f6454a5edb43859549bf5acb237c28034217a185547612636","sha512":"a9429c0eeb9775fc483fb61194c57f0e936b2db4976dd9a94088fb55af790749bb9b67e7adb51b9c3cee7f5a5c8f676b82d51899a875f2ec854ae0749b59b5fe","ssdeep":"24576:OyOgWT+GeNs1/FQpkdUDk2YePx6K2GVvbj+PZYv+kfV:OyOgWTzeNs1/FQpkdUDk2YePx6K2GVvT","tlshash":"2a257d85b055b97997b709e560af0006b2391e00f44dc860f57cedad39bd809a2bbfbd","first_seen":"2026-03-28T16:05:39.389233Z","last_seen":"2026-03-30T02:15:03.17371Z","times_seen":8,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GameSuggestedEventsWidget.B3VqF5zK.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget.B3VqF5zK.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1ee-X27EksX9+CXe1JEPOARmuyOlAzI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":494,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (493)","md5":"3d3f0fe9e1a11530bcc5b93d9a483aa6","sha1":"5f6ec492c5fdf825ded4910f380466bb23a50332","sha256":"bee73c23ba614c70cddd4a90715357b4e5247e83db72e74289f80e59f6349fc9","sha512":"3fe221c3be766eda2e1f32ce4d86509e3766421cde94b5098cce1e9a4dd253c550901190f197e517d10e96322ac66e357e727e78382480d92bad2d1efd53d670","ssdeep":"","tlshash":"a0f0e9218f34ed35a4ac03ed2a77005a5760e195bc5039f86fe1bf158a087e61ce82cf","first_seen":"2025-08-13T22:32:23.57413Z","last_seen":"2026-04-29T13:47:02.73876Z","times_seen":41,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GoogleTagManagerTracking-RoemoByL.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-RoemoByL.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"4e04-6+P//YxlnqNotoZ2/sr1SkKaE6o\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":19972,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18674)","md5":"5fb25ba20ae4131564a868996f7359c5","sha1":"ebe3fffd8c659ea368b68676fecaf54a429a13aa","sha256":"31af8004759616dbecd6205c067386976eb69cfdb2e7a940139aad09210c183a","sha512":"e0913be626432beecdfc4dca91d3dca5ce080663bb64fb8a8346dd2c20974371a7fcece00643a3b2e31a6aec55c09dab66223bdb66cdabc4151f35ea26f47673","ssdeep":"384:IUQbKxoHovyaM6xGBYgoxNuN15pK75Q4Fr1xQkbRgywBJsJF+Fa/BmhsRboAki7O:IUIKxoHsYyNuN1zgviimywfkMF2mhQo/","tlshash":"d692a8cbf96508a0a6bc1fe81b93424738f1ba5ef49144747c6e7c0c223cd0ef2a5969","first_seen":"2026-03-28T16:05:39.4776Z","last_seen":"2026-03-30T02:15:03.175461Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoJackpot.C7UxSYfT.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoJackpot.C7UxSYfT.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"350b-fWOoevV6SBeQLf9wKMXrZ6fLOrU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":13579,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13578)","md5":"f4b765a9546788982525c8a3553e89a0","sha1":"7d63a87af57a4817902dff7028c5eb67a7cb3ab5","sha256":"40d650a4d6aec8a7b5d75907a552768f2df82848d3309a378029fc86accd4517","sha512":"7774259bc01f672c99b7ed40a3ae4f3f8ee403355d9f71b955cac3c215c23235852eb216fafd128b92396d4e3d27b41ad34f15a30c21e238112d176f3150e7a5","ssdeep":"192:5aKQrrxX/YyrspdNl3qLq/1R9z7g6mbftDxzNfDFDfhf3fOfNf5flt/1ttTptVFg:9UVwVELPh+EDaLDRdng","tlshash":"3752ee07656f33b829ef653726f0f7cc9a3c4879c7126564a8d2a2194b8f9b006717ec","first_seen":"2026-03-02T15:10:58.211677Z","last_seen":"2026-05-17T19:17:53.627904Z","times_seen":47,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useOpenLiveChat-ouw1dXXi.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/useOpenLiveChat-ouw1dXXi.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/LiveChatInc-BKOBRr3D.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"247-mdNPj0OZrRw2WcUgjZVT60W0FiM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (582)","md5":"5ed14b0ee49217c54464d186f0ee1dcd","sha1":"99d34f8f4399ad1c3659c5208d9553eb45b41623","sha256":"4946c8527ecfafc0f5fb9252c65cbc03495e63453e4d83d763d0519727253ef9","sha512":"c99c121d3adf186d95e8a1bd515548c3f5b65a33b34be9203f3bd377e2ce3a756490597a98781cfc9096813ac19f25c3e768a7701367e7752e188cf43a606647","ssdeep":"","tlshash":"bef0e1db42948e7cc1c0cfc1515fe5f46b381aa4700dd841b83f2cd95824c0443bada7","first_seen":"2026-03-28T16:05:39.420314Z","last_seen":"2026-03-30T02:15:03.163796Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events.eu1.segmentapis.com/v1/p","fqdn":"events.eu1.segmentapis.com","domain":"segmentapis.com","tld":"com"},"ip":{"addr":"99.80.126.176","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events.eu1.segmentapis.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Sun, 07 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6E:BE:8C:EC:AA:F0:8A:50:90:0A:E6:C9:91:BD:26:DE:D2:1F:39:C7","sha256":"F9:2D:36:7B:E1:0F:B9:06:71:4E:07:2E:BF:99:BD:75:4E:49:9F:E6:06:C2:E7:98:EB:1F:A5:83:10:CB:27:41"}}},"request":{"raw":"POST /v1/p HTTP/1.1\r\nHost: events.eu1.segmentapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nContent-Type: text/plain\r\nContent-Length: 840\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:11 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\naccess-control-allow-origin: https://gallabet1066.com\r\nstrict-transport-security: max-age=31536000\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"90749a50019a27e1f32cebdbaa7a1bc1","sha1":"8329e3339f928f8591024bb0f938dab99c0ad4b8","sha256":"12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254","sha512":"b3959e671f729eda8aba59886df18c60ed5a768a3357dc09b29069b0da9c9fad7073d0072dc47f3ecfdc945351fe82ad3b653dd5d79d01096e5ae8bb42af2bcc","ssdeep":"","tlshash":"b8700022000000b200a0b0020028a802a8a08c0880820028c00a000a8a022802082008","first_seen":"2023-04-06T01:58:03Z","last_seen":"2026-06-08T20:06:20.102436Z","times_seen":6929,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":169,"dns":16,"connect":34,"send":0,"wait":35,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2061.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2061.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1401,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"807e99c06d110251c79d32bcd974f497","sha1":"654ac35881e603089e2eb13eee6f5b708989e338","sha256":"c4647ead44b5c39b3a87ccb7eea825c2b4af5dafbf3afc7c17b3f6c0c91677fc","sha512":"6e50b10de2cf44f8d9f67831292917756d6394ae72d1eae02d5738f5a6ab59e50ecba1d497f816c868c463cdf7a11809d97937012c0ac8602e450e2745e72650","ssdeep":"","tlshash":"4121b68d79944ae8919b511f5d3b999020d377a82461bd7ab9808032facc7cd3ec29e8","first_seen":"2025-03-18T10:52:19.823723Z","last_seen":"2026-04-29T13:47:02.75948Z","times_seen":11,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/tr-D5SL2RUn.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/tr-D5SL2RUn.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=1774829886481; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"5b3-1BS9IG8drTpzwbmWttBJnvMYgO0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"3abf0a5430cab7aa01adf0e7c0166bff","sha1":"d414bd206f1dad3a73c1b996b6d0499ef31880ed","sha256":"4848b14db52c1881d2ab6dcd2da96487bf4cb8a0efcac7cce0985707b1510586","sha512":"ae6956e4640909e6186e53a223a9b897c16190ef91601521f9207accb33f3408fe6e8708aab120f63462a4d89619b52e9f0f9eac879b1b96dc627114598f5aa3","ssdeep":"","tlshash":"a431a44c2946eab287015987882f1f04f81d2b087036f1649ba0c561bab09ed807eb3e","first_seen":"2026-03-28T16:05:39.464196Z","last_seen":"2026-03-30T02:15:03.222285Z","times_seen":8,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d0c8092.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: \"77424425bd755d02077922d40a96c207\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 1547573\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef69380d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5261,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5261), with no line terminators","md5":"77424425bd755d02077922d40a96c207","sha1":"9702eba70ac4506031d55a8c9cf6732a66853b2b","sha256":"1128f463d0038310bb65c71ee2bd50f52e40dd9dfc0489e127f3912a1aa728ce","sha512":"2ac723d6ab08dc1cf45141cc44966d9b0f01c892511f40148d785de61ac084e014799555bb3b574f6f8b78e9410df8c112fd437eafe0aa747babdc52b451d1a7","ssdeep":"96:zNC9Hqt7pEma7hY/rcKaJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYcLRIvgx43nVY","tlshash":"13b1859ef247b456c156225150ef3b1df33a281ca61ccdc8a66565f218784cba077b39","first_seen":"2026-02-19T03:13:10.646706Z","last_seen":"2026-04-15T01:21:42.571941Z","times_seen":8490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/menus/footer_menu_751_tur.json","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /menus/footer_menu_751_tur.json HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"2170-5YkIaEW1VPWbGxGytJjt0PCdLFA\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":8560,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cb7c741a547fc4a891e36f03de2f52fb","sha1":"e589086845b554f59b1b11b2b498edd0f09d2c50","sha256":"e1f2743754b756e617ee3307f8ac72f50f94263f3009f9aa90aec03edac6be73","sha512":"2d3da210a4cece77d8c2c5a21e57119c60f5010e02e3e86a8e7d3b1df68174b55f59be99ed140bf5760974abf623b8eaa24d96f0808498dffaae7723bf944482","ssdeep":"192:XSk0zkRSkukOkWkEkRSk36kphkpGkTSkEAkMlkk73kKUkwHknu4kQSkvIkWbkCOY:XvTNrLz5Rvn8xTvewIYfQQvVdqO3y/XV","tlshash":"c7024612f00d5576e7087e00bcc7ad0b84ce609dac5d49519d4d8bcecbda5af8ac62eb","first_seen":"2025-12-24T22:39:16.150949Z","last_seen":"2026-05-14T23:49:57.318125Z","times_seen":57,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DepositCountTracking-BPbMtZMQ.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/DepositCountTracking-BPbMtZMQ.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"285-MLPq6THnKJanTseRWfOFZ69fqL0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (644)","md5":"4f72be59fee316e116a7779e14bedef0","sha1":"30b3eae931e72896a74ec79159f38567af5fa8bd","sha256":"94c6db9a68566789952d6cf2d49611c60e2d357b6cd92631d910a4c02c1c0630","sha512":"6800e85fd482a755881dca2d86fe733dbc0f3ce9dd994c50ab54c3670284bd1090e1a2748bb6bf314ff4bf1f952d9bb3efb6b10acd681231b83a20b28b562769","ssdeep":"","tlshash":"c4f0029728b8d2f589493a8072c7a8f373f1791cb907c4c785bd4d56020d406e5cce2b","first_seen":"2026-03-28T16:05:39.535611Z","last_seen":"2026-03-30T02:15:03.186913Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/localConf.json?v=1774830000000","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /localConf.json?v=1774830000000 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: MISS\r\naccess-control-allow-origin: *\r\netag: W/\"1177-VN35mVLPmw+r2CmSgSUCavRXJAw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4471,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b406e9c7fcaf80e5ab91f27ea0f0294c","sha1":"54ddf99952cf9b0fabd829928125026af457240c","sha256":"a327cfe81199467e7773a331449db596ff5a5da012ace64d4ae1889c757bdf15","sha512":"50bb2149cb4177578ffd52d275d2f399922cf5dc4fe93ec9e32b840532d1dc7cbf148a136fc965a7e353fab249d5849f33dba3146a47b9f8053a574661b71f4d","ssdeep":"48:YuTyTbGhzyQnA8qA+9nIok/we+NPhwxbwPAjgCfk/wWp3Copi279lMFDQJSLhHan:xu2ByQA8qAHTwAsAjgCuE56szUn","tlshash":"7391cc9d31458cfec75eeac3788b679f3042811387982c06c27cef4c5676f19650a2ab","first_seen":"2025-12-24T22:39:16.189594Z","last_seen":"2026-06-03T04:20:31.881043Z","times_seen":82,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/InternalDataspotTracking-MyZPPxux.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/InternalDataspotTracking-MyZPPxux.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"ff9-xVoHNVpaJXGeQDmbDKWgmJmGyO8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4088)","md5":"ed14a2790ee1c276644b889ed243b8d4","sha1":"c55a07355a5a25719e40399b0ca5a0989986c8ef","sha256":"8ad6149846eceeb7f576f4ebb7f81b99a23a686d8f161adb23b9f5211ebb03b3","sha512":"00b2511fa9650848035436540fa8026ebb90b8515ca3f3b8e310380ebe46a9260e92016708ad775944764e64c588e196f8076c29ec107a41dd957c8185d21f69","ssdeep":"","tlshash":"1b81851fd83c0471706489ce5877a9a7c5ad3c8951c0c8f060379eaa661ee05d6f5ed7","first_seen":"2026-03-28T16:05:39.570301Z","last_seen":"2026-03-30T02:15:03.184301Z","times_seen":8,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Tooltip-BkqUYOAI.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Tooltip-BkqUYOAI.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"334-mTvSRuiJ4UEZ6IhkQjUfxdpRC3k\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":820,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (819)","md5":"2f6baf68d45f9ded7ae3b615275fe741","sha1":"993bd246e889e14119e8886442351fc5da510b79","sha256":"12037c07ae730bb15ffddf8a3ce9bc8bfbb5fe313e4d9df2f44bda0ee3997bcb","sha512":"faf6f552ecea99ca67488b5b2be331e25f3dfde4e1761ba402fe60fe63238f80df6fc8f2bd64a6591c2ea290cb118636bae4f5465247310e7333c62f0c4dee47","ssdeep":"","tlshash":"5401f646e032fbf4e17754da142d856d71532a6c7e2f58f0a038058f0ee4984d317b8b","first_seen":"2026-03-28T16:05:39.519258Z","last_seen":"2026-03-30T02:15:03.185913Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/usePriceChange-BUWblRaB.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/usePriceChange-BUWblRaB.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1d6-CZoHa3fJ8KcWe/yW2F0SiEIdFgo\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"6c60da2f36cbb5113e240c4511901263","sha1":"099a076b77c9f0a7167bfc96d85d1288421d160a","sha256":"7ce97772d8642a6c697a506574df8b8e8a7d5901e7426c0dbbf4b8bc4ab51514","sha512":"c0e39a25d56ffe6f51d20ad2f19a0eb5b1bd486eaf25f50c05d3c60d9ad40d89cdf64f675e0a650adf78a3b5efa62772dba7f96105ce56a9c61b0a8a550c1912","ssdeep":"","tlshash":"ccf05cbd14901823545f0cc4c26485572fe52ad56bbec31eb230882d37589af06aef66","first_seen":"2026-03-28T16:05:39.423122Z","last_seen":"2026-03-30T02:15:03.22844Z","times_seen":8,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/loader/fasttrack-crm.js","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /loader/fasttrack-crm.js HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 11 Feb 2026 13:55:13 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: X9ovE_PVlm7QTMnZs7pgGdxk3XrTsm57\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=17%2B42Hk4CqJiKHo9ufURRTGaIKWBfRRSvq8dCVQMmORs8lgG%2B%2FwaXb1%2BmfGSQal0CUnn0SQ1ndTXB0jxqEzZXj%2BU7B1lXReHfqkn5yTJliP1LLgOo1AjX9107I90bEe91g0Agnggdp1k9mgCDN0usyQ%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-cache: RefreshHit from cloudfront\r\nvia: 1.1 652549e0dcae9775148cb207792b2a40.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: dQ8YH9VCSN7g8gNdg2CwEEf5ShyajLEOVbFZq4heowUQ9qEfbGM5rg==\r\nage: 2172\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"0e62b669f80928b5dac9ece193256095\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef732e32b4f4-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6791,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"0e62b669f80928b5dac9ece193256095","sha1":"a04e0c32df6e15dd5621258cdab16ca08361d27a","sha256":"cd306f0e4ea334dc0a9ab35e3e6c3c73a34876b8d8be27330916196042a1437d","sha512":"930f28be027cbe059bedfe820c6920d8668380c8aef844a15c140de8e907d2be6c5eb38470f0809709bf8d2d0cffd411c61a92a1fb1592503d59e24ff8350cc0","ssdeep":"192:/XKuPlMK5EbbbCUuUD7Z4ac2tMOx5YemndU25i5ObHwxaf6pedviiA:vKEiw8nbxDt4atx5Ye4ymr//A","tlshash":"e5e10e5c29f394610a93351f033be125f3b6e533221eec41b9dc8968af54667caa7d88","first_seen":"2026-02-12T21:09:52.600201Z","last_seen":"2026-04-14T09:08:05.84184Z","times_seen":66,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":8,"dns":0,"connect":1,"send":0,"wait":13,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2058.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2058.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1742,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"9d775347250560ec50a53ed24a2b8c91","sha1":"b2b0d764e920b31d6387f62d2ac9e82f07c5a3d6","sha256":"3631960d8dcdc6e166716efae80df7fe0555dd2af90a56d8e476c55c412df680","sha512":"332740aadbea1caa03b7c840ac42e7cd39419ea193f341a430e802e2951ee245a994091541c134a4781ddfbffe943c84c66c3399e06eccd02ea0ad32c725d230","ssdeep":"","tlshash":"02310de1da82f3afd59742a5f90a4c95ed4f7079a59a707c2317d0c3013cc4c749056e","first_seen":"2025-03-18T10:52:19.874764Z","last_seen":"2026-04-29T13:47:02.797633Z","times_seen":6,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_dd37a279c43f0ccbb760be731379303b.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:19.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_dd37a279c43f0ccbb760be731379303b.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 141024\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Jan 2024 11:52:54 GMT\r\npriority: u=4,i=?0\r\netag: \"65969c16-226e0\"\r\nexpires: Mon, 06 Apr 2026 00:16:56 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=kr7WmTkOVnlJHMUN8XWf3si9ygFMxn1EPjFCDGmqFd0-1774829899.0193384-1.0.1.1-8sLNPqKofXHzlp8HzYOoTMm_BHB0MWPALDsRlGnl.c8Tv4Yd3qbD7GqaVoQD2GE4RK7prJZTpzTb3Pnzix2CPI9O18Hi3n9BV_z8LTxacKjNKFBv_.bEGmtoKMAmjVVR; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4kp2AzFBoh4%2FGP1dL7KQr%2FtAOKfGcDoDqx%2BZ7dVksRsl97BoHqyLO7DB92HnxlD2Zc7TBJQvYLctB%2BD2vbmXBhgOOKAGb8UngQHnPC69A0f3zZiw7oaZhnALRTX8ou8uqKrH%2BMrvk7o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42efb4d8bb5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":141024,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f1908ce8016950b6f3f5cee3256d491b","sha1":"80ec67cfa39f67fcd9c9ab6addbafeac07d052d6","sha256":"03cf5790335927a6e35c79f28653f6460e05145a1df56534eab746b55d13139f","sha512":"cc26ac01f7f591007f2c398c608dcf25c0ce6258bd13d202237a891a6792d4a9e2899fc44baeabfff9a4a7becbe8fc1859086852b64cfbce3e39555db2f4c5e3","ssdeep":"3072:Jue4D7v00XU3boz/OEjj7laE4webThg7TF6/+lqGQ8f:JHI7M0kr2DlPeuPF6e1f","tlshash":"acd31261ac51709522cfeec209d32b69713237d0553c29b4a49ae4625ed3ac2da33f5e","first_seen":"2026-02-24T14:23:50.909304Z","last_seen":"2026-06-06T23:43:56.093565Z","times_seen":14,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":7,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FastTrackTracking-sSvnyG2s.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FastTrackTracking-sSvnyG2s.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"52a-bKkI8Ery79ZT24i+dLBWxElm5co\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1322,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1321)","md5":"e9270e8ad7d9ea7366da998ab93ec1dd","sha1":"6ca908f04af2efd653db88be74b056c44966e5ca","sha256":"e4b2bc99d3a76fd43d49399a1eb7aa909ba62d7092203f95c0ca06444107205b","sha512":"7eac93d0925219e4b626f1dab4918692c02c76d318b327572473ca8c11b7bbedba9179b68e71f8593fa316fe179555e690c896e11a27cccd2a35794f2d0c5011","ssdeep":"","tlshash":"3921534e50d543a478804e8da3d7a261a57e5971711ec4e1f0770bbd2e0ca6983dac97","first_seen":"2026-03-28T16:05:39.606783Z","last_seen":"2026-03-30T02:15:03.265615Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-int-bucket.gallabet1066.com/configs/928de3c284a560a4ec2990544700741b.js","fqdn":"dataspot-int-bucket.gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.163Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /configs/928de3c284a560a4ec2990544700741b.js HTTP/1.1\r\nHost: dataspot-int-bucket.gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":9,"dns":0,"connect":24,"send":0,"wait":0,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"dataspot-int-bucket.gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-int-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2056.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2056.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2020.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2020.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"67c7f426e0ce2f0aa99fbbb3baf3b1c7","sha1":"e0fff87eeab2822d53ce1d9216ded3005e552032","sha256":"7a9d1d5b09ab83856eca4cafcf4b024a56cc9148b133296f01bc408cc75422ed","sha512":"0a148242d3dc472c7c579bca20f4ddc88524eaea182b9bb657f0324523be1670c5643e817e05c5a653f612d998bfb6850c9e8f49f273e2c0d7eec81895d82db1","ssdeep":"","tlshash":"0e2105929481c42de2618cacc2cb14be1e1fbc9b2c2c792ef090c437438502de4eded1","first_seen":"2023-12-02T01:31:50Z","last_seen":"2026-04-29T13:47:02.763142Z","times_seen":11,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-geoapi/?type=json","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-geoapi/?type=json HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: TawkConnectionTime=1774829886763; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tm8ttAuuiZPLswYnl9Ycqh3xgCOqT4uFvXZWK5o8NmwIgCFhMjG%2FQynylgQJcwsPRsuqVbdT34xQnFwNx4U%2BoaSOmve3tFfgS5bzDvVchVimGKbNj7hol36aet%2FUa2UOWY4SMMjUI5vSz2s%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=b78rw7tkY0zgFxKkJb59rER32_aTS6wS1Om_4.Co0JQ-1774829886.8337522-1.0.1.1-h_jL8_4iHqfQ9BUPCTO2gysbg7h7CvWZumFnCVbCsIp6H09bLd.WR9ztBhJq0BtLicaCNJzPVFbtGLIZq0V4P9oGtdAJBYdBjxGL2RixYXYeYLfXMcKGiD1ROfZ88vZh; HttpOnly; Secure; Path=/; Domain=19btcoservice.com; Expires=Mon, 30 Mar 2026 00:48:06 GMT\r\ncf-ray: 9e42ef68b84c92cc-IST\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":205,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"e7896ab748ec49fbcd3a58b1c12a1f86","sha1":"971f12df6efe748c6a5f9311e134c0735db343a4","sha256":"b90983ad317016aa94601c3bd3a17e33c4df80a026f54cf8aa7a737320029e83","sha512":"f3dc47274b1450e9b98131c77fb7fed3ae6a9a0b0f98fb737545f93aa9707533428b7079a9e3e7de9d1e2c575c54154114a2d8e74cd0cb084c550ce0b840d5e2","ssdeep":"","tlshash":"70d022cc2808fd2fae310948388fba662ab914ec42c56580424e9c6182c4ae5d38e202","first_seen":"2026-03-30T00:17:55.389156Z","last_seen":"2026-03-30T00:19:06.70861Z","times_seen":2,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/menus/app_menu_751_tur.json","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /menus/app_menu_751_tur.json HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"1adb-+yKa0jJVZnzTcf8DMZgTqQ32Wws\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":6875,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a341d5884944ed085b5648556ea79ceb","sha1":"fb229ad23255667cd371ff03319813a90df65b0b","sha256":"ea9221c063848a89fb47875ec7199458219f38919fd74c2e91b42886d6ef2edb","sha512":"164600a6c059e90a004a8793720b36b327e16b22de1b1ac1c2d859ba1e5932229f80e5478a7653c51c3ed8739b5e900683d2bb0c6fcc46854046988819474c72","ssdeep":"192:SSkcUlkiU+kuSkAUdkuUQkZUckTk2UUkoekIU1kvkq/UKkJUdkpaUAkvSkGUlkM4:Svuxuvi7iwbCCMjHxvv8MvQqzaKTi","tlshash":"ade10702f01d5976d30c3e00bcc76d5b888e50996c9d19419e4d8acecbd649fdacb6db","first_seen":"2026-03-21T17:26:39.654441Z","last_seen":"2026-04-04T19:51:35.181576Z","times_seen":15,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/logo.png?v=1773142319","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /logo.png?v=1773142319 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 7738\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1e3a-oAktx4C5wV8jQh3t9nBGIljkv+o\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 120, 8-bit/color RGBA, non-interlaced","md5":"60c432b2e1f44042e6831b308a2fcd28","sha1":"a0092dc780b9c15f23421dedf670462258e4bfea","sha256":"45f7ccf0315aa2e44a658598ba76a0993ffdb4ea7dbfbb569ddba207929a7461","sha512":"f4a8c1c80e4cb91a70a4801ca5e7efcc5e4cc742f4939f805cb65969d34a896b1bf2f82c5f2bc2869b8e6be0439157f84b1365dfc3c76584ff2cd983e97d5eba","ssdeep":"192:yLexi5CqFsyyyjU7Bmu3n/0Hw+mvTZHOpoNI2kAZKqn:yyUVmoCVFvTBhIGZKqn","tlshash":"69f19fa70753e811ad00922f841e0285bfc412e5f36bafce13b3df19862515475a96e1","first_seen":"2026-03-21T17:26:39.532964Z","last_seen":"2026-06-03T04:20:31.943261Z","times_seen":48,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoJackpotPools-CM3pNZyw.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoJackpotPools-CM3pNZyw.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"371-oxzlyBSKGaVyggS0QS467i1Ygvw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":881,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (880)","md5":"b8be1bcea05cdd8b8f974b23d61fc755","sha1":"a31ce5c8148a19a5728204b4412e3aee2d5882fc","sha256":"992e4328c4dd3f32373bd921d575e92f793590a3d9e16d532ed5f4cd92b97f4c","sha512":"13566cb8c8d9623cc0bc14b7d32fe3b60da33b7acf45688af2e0ff9a32c1f20bf8cfd4ed506d76a94d1c8cfdd53716e4864f449813e3a5bcdcd77a09e3f5564e","ssdeep":"","tlshash":"ab11c08bb02af3f4d88c5ce140a5555b073e2f65f72181c4986c57785b2685af5a87c2","first_seen":"2026-03-28T16:05:39.481039Z","last_seen":"2026-03-30T02:15:03.191923Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/SmartMarketEvent-DYGb6D4W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/SmartMarketEvent-DYGb6D4W.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"393-0vm/FSDlJB64WSQKg4+MGPdUz54\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":915,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (914)","md5":"9a0359779601302b3cc85b6a76bc78ef","sha1":"d2f9bf1520e5241eb859240a838f8c18f754cf9e","sha256":"abb6c03f0cf5385e809cdbc4991cdaf65ff7457d045f6d70593e95ac3b577e4b","sha512":"24bb729c19af36356788e935eb026bf89fc7132b9e962dd6d5928484f9632e9d789a8433176c8677e714bd073565c22fe50da288c99e334acf3309827791f293","ssdeep":"","tlshash":"5311e3d6d581323a0632c8bdd1109f42429c02d7cb210359e58b86f173ad4fda34de59","first_seen":"2026-03-28T16:05:39.528898Z","last_seen":"2026-03-30T02:15:03.167529Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/HorizontalNavigationListItem-D4fpIAXB.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/HorizontalNavigationListItem-D4fpIAXB.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"343-sRyBSMLgqj+ei4SSmtIuNev1e7w\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":835,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (834)","md5":"6b6c589ea06049b9b4c2579de1d2aa6f","sha1":"b11c8148c2e0aa3f9e8b84929ad22e35ebf57bbc","sha256":"aaef91c5ebf80a33c429637fc110ff141a03743e4b1159164c89722e18ed32f3","sha512":"3c199fefc80ac38b2bb02e33cac5808290be539349510f1cd55844bbe3a15f4b84d32551a37b37631d73c17c99c07099629c8564435f007342b17c878b9d0a20","ssdeep":"","tlshash":"f901ce12f004dbbc9a2b48dc9b4e6045b2564affdf382ce1b4f4a0011a384467a47fce","first_seen":"2026-03-28T16:05:39.434356Z","last_seen":"2026-03-30T02:15:03.133318Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d224aff.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"87f83aeea14051d9edd97ec3dd41fa0e\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 402865\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6918048be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18392,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18392), with no line terminators","md5":"87f83aeea14051d9edd97ec3dd41fa0e","sha1":"8649c359a630d1c55eb268ff051d5a284ef7587e","sha256":"38a072ee28e39fadd2153244a3f0a48df473ce7d8dfe16e2f2fcbe5d9cd0bc6f","sha512":"c56e03220951ba738fa2f29bec6d02b1de5ca769f1f41c39ff3f12334b16d0a82db78487c4e4cfcd8fdfaddf4af6b923c725af335346028224efa849bc140eca","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCrGN//h6LiJq:SzP2DZSLi8","tlshash":"37822ba6f149311bc925c750605f2228b33b19a9fa1ece7df2745cf245a8cc2906af3d","first_seen":"2026-02-19T03:13:10.613764Z","last_seen":"2026-04-15T01:21:42.807167Z","times_seen":8478,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__inject.js?v=1774829636362","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:04.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__inject.js?v=1774829636362 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: no-cache, no-store\r\netag: W/\"12513-3m48CYgtYpiWmB5UI89cLHQfgn4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75027,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"947f072fdf604c0d61ed77fa7932c765","sha1":"9bcab1be38b498c7dc213174606cf8b1c89275fa","sha256":"56e606eb900514d4c134bbdb17e6585ec187ddcd949d8747159874b8078e6ce1","sha512":"659e5233ce8b0661a91ec76127779a3a4ce7f894ea10bf70f8adad58ea14902bac674fc9fd8221e49d6834771d2019269eec04a6704bd9eb68f681b9513b6147","ssdeep":"1536:oQtg8nVFTFcFuFZruVNZQrwGvP/0RriCU0xA:oHtbACS","tlshash":"c773a7487ef261b2577ba2ae278bb240753240031006ee517fec87146fc6a6dc576bde","first_seen":"2026-03-30T00:17:55.484698Z","last_seen":"2026-03-30T02:15:03.151694Z","times_seen":3,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/custom.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:04.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /custom.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"446d-MEsK5pkdmBBJYYP7yJsPFVyWjbM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":17517,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"19292ad5a71e53d0ad3cc06062cad1ca","sha1":"f90e8a59fd2c671e5c5520cf3d350d956810ae54","sha256":"84f1e291157eaead21d0ef29de63609383aacfb43d073a46826514316227b670","sha512":"1d14422efa05a9b9f6ac04382e7630193a4cad5cde5f4bfae738b83a715bee6a92434bf10e0e1c044e757f68baa486c116b851ac4d3bef2de9d3cf7ec41eb0fb","ssdeep":"192:52SyYVVLN2Ns2hamJqKbEiExkouE20j62UYx6lY9qywNKVh4P02pHnN6X9VnICiP:wYUrhaJEW6jLpHT5p","tlshash":"7472a553fee31989716a8198566bb3fc7e7d404397099d787ba4b3748f837e28031a48","first_seen":"2026-03-28T16:05:39.468737Z","last_seen":"2026-03-30T02:15:03.268731Z","times_seen":8,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-3ea2c7ce.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"52698c6dc96b5f2bd13e8f921334e398\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 402865\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6928058be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5504,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5496), with no line terminators","md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-06-08T19:38:41.225388Z","times_seen":36113,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FavoriteGamesButton-BN7ZNTW1.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-BN7ZNTW1.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1ab-acWugRX3UDa8tJLzLZ/O6L/jglM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"ee070841bdc59fe58ba681e48c775f40","sha1":"69c5ae8115f75036bcb492f32d9fcee8bfe38253","sha256":"0db2eb58ebe873397c13f9600cc61bc72eaeac3c761f67e7627247817e8d5c17","sha512":"8f34ba99cbdb74c3b9bf99376385de93bfffa3b15b158b2a34be897822f5409b3399ac89c815dff374813c95d0cd93733f521b8ff42f486b32b149edeae3f7b1","ssdeep":"","tlshash":"2be0a34b9089d2fa2b425a901107c4253536a87cd759d050409915703e75456c54eb7f","first_seen":"2026-03-28T16:05:39.51566Z","last_seen":"2026-03-30T02:15:03.120672Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/AppSettingsButton-CfXkhn6v.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/AppSettingsButton-CfXkhn6v.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"181-5+a+rG2X9tdjIGO0m8cCOFCdsEw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"653a6c78a5c695035a2fa54b981e56ec","sha1":"e7e6beac6d97f6d7632063b49bc70238509db04c","sha256":"236c29c32028da8a9e87ecd43072b572d2ea5aeafa32f4e008589050bc36234e","sha512":"5bffa0e360b9609096c590a377a40479341d6eb039c8910fb5ac184474300aa5611cda1722fcfe3907d47acb3298301fee34846d60710184601296f0d23e7034","ssdeep":"","tlshash":"4ae068cb5092d2fa07911ad2c10b820639566c78c345951180b865b13bb8586828e77b","first_seen":"2026-03-28T16:05:39.457303Z","last_seen":"2026-03-30T02:15:03.318917Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_ce21d61aecbdde7a2793374d23ba2279.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_ce21d61aecbdde7a2793374d23ba2279.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39580\r\nserver: cloudflare\r\nlast-modified: Sat, 21 Mar 2026 08:27:49 GMT\r\npriority: u=4,i=?0\r\netag: \"69be5685-9a9c\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=AQo76cX6TQEvf4dwklgYwv7.nkbpbu7yrkIvIJOlDYo-1774829888.4143991-1.0.1.1-TX6lPDL7o4TVrQlIP6hqjNkK9Um3PUDQITolRfxgsLI60hw.MqaETtvXyxhuDSr2kxn2kRbtipkFEcaxHjjbymg1LZluzm6RL3mY1FeVsSrOcxxXsjaMTtRPYi6kDooj; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=09u7n%2FDDFMOHVIUvm4G1dreMzfYH7uYJ6YhJ%2BNG%2BEmMHYnabW8U77WUi6V4OGV7U2O5qGeCQCSi88rhCCO%2FXc1Uw3dIG8ocOhhhyROBhzBJ1%2FnQbAY2baz%2Bj4Pa51fh5mjjPT%2Blx9Do%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef72987a5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":39580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"07e6802410c00e36a91fd6c2c6098a54","sha1":"a05d8f1775b62763fa1fe66087ef33e1502e7ecd","sha256":"9359cf01f04e5beb9f3da92598952e0c9ea789c4a8c6eb2672f204612f9a6f00","sha512":"6f7247bb2a4f43195818690e972e562fae483bbe34ab1f29dd9c095f9edf158e147682a9c65f8713039e20f1fc5f0294c9eefd4ed9a148246c2eca239b770d72","ssdeep":"768:XANciDPtKdffShNyjiSisPI2+zeTA83AmbcLKsp:SVMdnu2ig5lk83AarU","tlshash":"cf0302d5d08dd8aa2f1e333395d8f8c25be6c4528394558a6fee28071537416efc9437","first_seen":"2026-03-21T23:21:16.87342Z","last_seen":"2026-03-30T02:15:03.266276Z","times_seen":11,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Odometer-CVaM43ag.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Odometer-CVaM43ag.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"3d08-lFkApsI68G0Q7p7pezUyx9NGA74\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":15624,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15623)","md5":"7ce0493e80abab5b502971adf63e2c5e","sha1":"945900a6c23af06d10ee9ee97b3532c7d34603be","sha256":"1f330e0f505666aeda740fec841089b5efb4cba906b2c8c6e5875e4a7bc7fb02","sha512":"ba03da5413f32a34f119078a3a4d1c30367cf37abb950fb8cbace215ac90ced02f7a8f939c5155cf02b5c92f099d8ca9650dfd09019b33d8f94f57e4d574e6d8","ssdeep":"192:Hd7+NJtQaM1S0KCL529Xskmkjm6H/I7kauLPH7BNeSYpkYxSBrC7TlFa4PFD:kVQaM19K0khm6m6H/LPyFtUhkNPZ","tlshash":"3d622a897922723443a3b2a055bb4609773f5d6a3809405db67caeda7e32c09d12bff1","first_seen":"2026-03-28T16:05:39.445042Z","last_seen":"2026-03-30T02:15:03.137514Z","times_seen":8,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_e17e2bd68c4902720215ccdc250ea7cf.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_e17e2bd68c4902720215ccdc250ea7cf.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30858\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:13 GMT\r\npriority: u=4,i=?0\r\netag: \"694014e5-788a\"\r\nexpires: Mon, 06 Apr 2026 00:16:47 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 81\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=9GVDqsGssxtgKzo7NI328V8M.pboDbVtxIq7qn7bU1M-1774829889.0854576-1.0.1.1-UvtQyDR0dHi0HYFhI3jU4yRZjsscNmcs07FwseJFns52efuHsokPtUCeZik3kF_w2c44Gcd30YqyfhsoJDtWNIR.wD5UNQIBPbyKAyUhHGmNx0wGo78IClzqlkAv30Q.; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Zr9UB%2Fc15t7QOSeHIomNoxtN5zH8BHIBtGM%2BCL%2BWOFxfIXoROgH9VQxUE5qQCa%2B%2FCzeDAdUWwrAkiYHNOFihTSsHnyUhczowkt%2Bf4ckBlaEFTkejpuBh6YII%2FNyuZZ8TN7xgls2DO8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca3d5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":30858,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f3a657bf250f0501b6684593c6d3449f","sha1":"3ae10ca24e1ed4fd7f3ee97a04029f84edb29c60","sha256":"4df91740f4d1d34398bcde4b0e71127587fe51241c3283f3e7a3bcffefdfc21e","sha512":"c70376beec80f90f2b6f42daa10038112bca9eb928f50f6dfbbb4b8e9054ecfde0afd7aba72fa826bd64ab0615dae03db9d608d7f63e06af394bcd5b669a2ec5","ssdeep":"768:X2NTeq/6/zzgNTdJxlOo7U+QcbTMcipzeGy3sB1I0:4Kq/6/0O0UOOzeKBS0","tlshash":"22d2e1a0782165c72e6e25483195487b904f5bec73687de5b9ac03b3ed0e2f24f69339","first_seen":"2025-12-24T22:39:16.142316Z","last_seen":"2026-06-03T04:20:31.9141Z","times_seen":62,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":128,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","date":"2026-03-30T00:18:15.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:46 GMT","end":"Mon, 01 Jun 2026 08:37:45 GMT"},"fingerprint":{"sha1":"CE:A8:F5:0E:2D:25:9E:74:0C:47:4D:6C:AD:DF:7B:FC:CE:E6:41:7D","sha256":"E1:06:81:F7:22:E3:29:2F:2A:B9:4C:3F:37:46:25:24:5B:C8:B5:7F:9C:3E:54:A2:D2:DD:E0:54:C0:09:12:C1"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Mar 2026 02:29:47 GMT\r\nexpires: Thu, 02 Apr 2026 02:29:47 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nage: 337708\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-06-08T19:36:28.258033Z","times_seen":649024,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/lodash-mq4f_UMN.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/lodash-mq4f_UMN.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"285a8-YqlzwbytGs6OflkUA4HDxYzmiEw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":165288,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35300)","md5":"f8720f0f29964a56710f60e77afd1621","sha1":"62a973c1bcad1ace8e7e59140381c3c58ce6884c","sha256":"e2edd84139ebd5db6d21a8b18f1235348ed9cf7c046c87f1aab29826cacf02f4","sha512":"9e98a629a56bb137444cb533005b46482afda1668df60a44ddee9a038a9af57677cbba38e2c6413a089ce14ed9459814b5c7705dd5ec25704c0e8be0bd23f3a9","ssdeep":"1536:Tit6Yc+cPLTG4Z/e1tR8LWqpx7E6GyT1SCeES3n1dPdy0D5zKKif78dqHQ3DKmLo:TAcqwWq6yT1EedNHYDKmRfKMa","tlshash":"76f3a0c835d7f4a183a7287440bf084ff23dad65a84cc550e1aae0dd7db89298277e6d","first_seen":"2026-03-28T16:05:39.430528Z","last_seen":"2026-03-30T02:15:03.204731Z","times_seen":8,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/TvGames.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/TvGames.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=FWO8fn7erWRxgD7bxHtnd7OW1YsOS_ew6iHE7xwxpGk-1774829887.382025-1.0.1.1-LBxsg9PGMUnz8F.Ujn6bXba3c4wtEJA6WDCCQ_KGy43gjRG9aPphd7YI8OWevxGaVDY6QpeftTzoUcveT3AcnIoP.Y5hjwmMb6fFX2N5Nz7lx8SAy6hXm3YKsPggfVj_; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BP%2FlqmntjLNTpSSYRpDHmgiv8qGEds6%2BpyrNcjqQ6bt20t%2BG0lqyl7QT9P374ktxIxAik2hoBI7NqG4q1UFWGH8otQvw67XvoIvlfTIrQCFy5xdhzyHNiwYGi2YaMjbPf4nGWe4PGEM%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270a7-c81\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c2b62b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":3201,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8cb4d739571507bd6cd3b25a15163537","sha1":"f8061ea6ba5d599b463f5f146b407b0f6fbe4bfe","sha256":"3b2f15bcef3e58ac040feea4d073d42f18e48bb6f399c4f9f89845931f87085c","sha512":"38862ca5d9bb144dfa4b9c0568f05439e788848d45f8891fe508570322d34200ecb0e3f70dd9f1e8ae5659ae3333fe154d439e797c556ee94fbf88f47ddc3cb3","ssdeep":"","tlshash":"41619c87ff3089e04a7c5f99af6840d76689c05dcf731118b23c643e5af7d5884ac9a9","first_seen":"2025-07-08T10:50:27.694177Z","last_seen":"2026-06-08T11:36:24.492839Z","times_seen":498,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/JackpotPoolsWidgetContainer.C5xbwG7T.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer.C5xbwG7T.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1e9f-X8f0bU2nb7KkLFIAc5HSF5fWBsE\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":7839,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7838)","md5":"e5810a6dc4d39ef75c921489cfd463c7","sha1":"5fc7f46d4da76fb2a42c52007391d21797d606c1","sha256":"152eaf9db05e66e0b7e8ad6961a68ed2bacc25204acec7a0cc81547e002b278e","sha512":"07eb19ac6e96b910645b4e77b14840bc99ed3c4be03c78a7d8af8449906dff08791eb2701c710245c329b38281b118d422921cb1a3272c97fa5ea1d1de06bcbb","ssdeep":"96:Xnxo6ZIBmmohvoDxTTFQPHf9bzsV/bV/YgV/FxV/QV/OV/tV/IV/EVSVqV0VOVB2:XnX1Xx3erZg+L8Pyw","tlshash":"bbf1651352ab33ac6eee6937a170e31c7b7c083dc7131559adaf124a4e9aef1061971c","first_seen":"2026-03-17T07:58:07.338795Z","last_seen":"2026-06-07T06:35:51.59834Z","times_seen":68,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.179","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /tracking.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AMNfjG3udTuXHi4sO-MP-n406YyyrlO479LpMjeEZDHF31Ex4ZGRuHQRi2LnIWPdY19y78TObLivZw\r\nlast-modified: Thu, 26 Mar 2026 10:08:33 GMT\r\nx-goog-generation: 1774519713309479\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 102724\r\nx-goog-hash: crc32c=MQD5XA==, md5=3VELS5LEVlh26roJIr4xwQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 33196\r\ncache-control: public, max-age=28800\r\nexpires: Mon, 30 Mar 2026 08:18:08 GMT\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":102724,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"dd510b4b92c4565876eaba0922be31c1","sha1":"d5cb474672f30fb40b2890b9997489ccc4959ede","sha256":"4867e627df680a89fbfb6f12e0d0d7954c66892b4ed298ea00ff6edf9458e233","sha512":"11cd053e8cd60076b70d6cbc0135fd555b6c7066cbcb380b11c61ffb5b99737d202de4706d734de5aef57bfc8758ed55d810a813d7b045bcb5f906fc4d5c6468","ssdeep":"1536:E5yeuRri7fZnapIckNteu4RbyitiBwpDwLmkojkvRX2L/e:E4euRu7BLqu45yw3kvULW","tlshash":"d5a328d67282b03493f785e7a17fa216b33a191c740d8410f17cec6a396a9879177f2e","first_seen":"2026-03-26T10:47:24.35031Z","last_seen":"2026-03-30T09:59:39.353304Z","times_seen":338,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":26,"dns":25,"connect":4,"send":0,"wait":2,"receive":2,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/HorizontalSportsList-BPz81vbO.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/HorizontalSportsList-BPz81vbO.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1a6-BUomaKgriysRO6xgpel2KhhweM4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":422,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (421)","md5":"1f88a219cf0ebc5b46874e3a383aa7b2","sha1":"054a2668a82b8b2b113bac60a5e9762a187078ce","sha256":"e6f7b2217e27a9951b16e1fa5f46ba8901f4c7c35a071960756151442c5747f5","sha512":"b1a49bf38ce729459fa7180f26c0bcac1e91aed1f1eb7d20454f2161e828b6b1e28c6ff2d7b8861f13c4f4558172edebbe2f9ea6be44908c71cfb150e1ca81f8","ssdeep":"","tlshash":"2fe02bc198629ef46a1a88efa95c24847162087cef176660e29492581f7408bf76914e","first_seen":"2026-03-28T16:05:39.424659Z","last_seen":"2026-03-30T02:15:03.179737Z","times_seen":8,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/4b264f82dff0a2449eff3dd18895eac9_casinoGameIcon3.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/4b264f82dff0a2449eff3dd18895eac9_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28746\r\nserver: cloudflare\r\nlast-modified: Fri, 24 May 2024 12:55:27 GMT\r\npriority: u=4,i=?0\r\netag: \"66508e3f-704a\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=DjyngaStEK2mHo_lm80Td7LtGfDLwQNUZyYXW9OY_UI-1774829888.495662-1.0.1.1-Z5cCMpW6nweww8CaMuA_D9GqnrDS2ZQBWLSTmh1L987tUZu_oBfoFQj10R7mnVpYx4PPo.D1iNAy0cuaMQvnHOlkbHMotQqyn4a5AJgW2VFtvf7dvrWqFsqSuFbL1Bum; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sV%2BlEBWbnNzN8TTs0Hq%2FTyxptk9kGLOT0u73ZFoAlzCZFZwKgY2xZgAsB%2FcQsd3yG6sbd09zhdgBkSyFUS8uw6dOYm9Dcf%2FPtehg3WmL4F1RrA4ZV60yeWn%2FJEi8hYu02tk66jVzSro%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7318a95687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28746,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d625311757b22ef12d6f6c9baca4c599","sha1":"178252135a6968c4e9a5149b06503c365d09ca08","sha256":"563d7d2acf42d671c309e9a9d4a438505bdb43f531e5d38181664221a084fee2","sha512":"a02af144c06face2d13ff6dd319a08c3eb11ee2e08cbb0ac5000c8179fd13d797dde66ba07363af6f80f782dfbf9b2eb47fa0f050f436bf7f6d3624ef2a5d490","ssdeep":"768:VyZjkTYIqhDWIuiIAgz8LKpeq1O6I18QKd4fiyuxgomGK:Vy9kUDDWPiIB8LKplBIGQKd4faWomp","tlshash":"01d2e193df9e064ed93f8f4339ac6bda72a63a648105b3658c1d9701fd7beb406c0909","first_seen":"2026-02-24T14:23:51.406196Z","last_seen":"2026-06-06T23:43:56.07954Z","times_seen":27,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/0/1040.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/0/1040.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1232,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"07b2db701eee37dd6c9fcc592afa6c4e","sha1":"2524b56967ea4f4b44c165d782d0e07eccc60778","sha256":"cef7fb02285c24a6dc08d928c94dbdd951ac919ae9b1fbba72a5a3ae4aedc6e7","sha512":"b7f66d146f1d9f12dd2639b6ae024e5a05c4699549b64998f8bf0de16a3815f2e7f5879fdbbb8002af646572a56ff1a1e62337d3e74e1cfb8de953775f9f9b08","ssdeep":"","tlshash":"4021b77bea75f0d74f0b710c619b1a826f73a69110c922011f38c7895a245080af2398","first_seen":"2025-03-30T08:45:23.131859Z","last_seen":"2026-04-29T13:47:02.920317Z","times_seen":10,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-B4qfN096.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:04.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-B4qfN096.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:04 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"11442b-6gq8DvX4RWase/WrLSDHl/hgdVg\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1131563,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (25102)","md5":"d743a7cfff362640fcd65a7646bf2c13","sha1":"a8249e493177449f7d994b6c628ab5260e3b3df1","sha256":"bb5ea860befacd0f6454a5edb43859549bf5acb237c28034217a185547612636","sha512":"a9429c0eeb9775fc483fb61194c57f0e936b2db4976dd9a94088fb55af790749bb9b67e7adb51b9c3cee7f5a5c8f676b82d51899a875f2ec854ae0749b59b5fe","ssdeep":"24576:OyOgWT+GeNs1/FQpkdUDk2YePx6K2GVvbj+PZYv+kfV:OyOgWTzeNs1/FQpkdUDk2YePx6K2GVvT","tlshash":"2a257d85b055b97997b709e560af0006b2391e00f44dc860f57cedad39bd809a2bbfbd","first_seen":"2026-03-28T16:05:39.389233Z","last_seen":"2026-03-30T02:15:03.17371Z","times_seen":8,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/languages/en_dev.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/languages/en_dev.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"73eea1de9215521cb137b51419ba55a9\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 81\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef625bf7dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10839,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"73eea1de9215521cb137b51419ba55a9","sha1":"a8876b573146cd5450adc92a5450febea8d33f22","sha256":"df1d970dbd95be40780e8c006102fa7892bfe26bc989ee0c9222b089038542ee","sha512":"277849fa8a9d59430663b5c1aac29a198436731ab59bc5968ed9fcfb839f00a31e6e278c3c78547f6e1c20d94847963375de011be6493af268a7bac25cd15257","ssdeep":"192:ImwHq/LrnzPLEgIE1iN+xiDgGOy+HpVHnKWyay8V1K5Av+cE:s6LrnzCE1iN+xkDOy+Hp8/5Avy","tlshash":"c7224269ce504ea702c29647399f35437624429b1f54382eb78891ac0f8ec6f71f779e","first_seen":"2026-02-18T09:54:55.751197Z","last_seen":"2026-06-08T19:38:41.229656Z","times_seen":21476,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-2d0da3af.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-2d0da3af.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"6ac4b41bfa3079e73da08ba512cca2e3\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 402865\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6928078be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14213,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14213), with no line terminators","md5":"6ac4b41bfa3079e73da08ba512cca2e3","sha1":"28236a6e21a500f8eb1fc0804ed1553f4b7fdcae","sha256":"b6ca684b4ef298f79d931ea40f8c3b597bd7e8d892a21e7cfc756cb3215792eb","sha512":"8fc4f8a4242748771f8a9220744ad1a1b501fa381ccbea978dc7062afee4c8788f2ad79a74572020146ce13610abcdba43f005cc36a2a455eb2d6a226a689f24","ssdeep":"384:UJw/U5YK8Hx9KJsThWazJbUZDkM0kWEYPk6F+UtKM5eH:6+9KJsThWazJbUZDkM0kWEYPk6F+92eH","tlshash":"9052c6a7b2a4782d42379712308f3205f33b7d45b215da19f36edcea4aa84c16056f3e","first_seen":"2026-02-19T03:13:10.683375Z","last_seen":"2026-04-15T01:21:42.644883Z","times_seen":7903,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-media/storage/medias/galabet10/media_751_d9ae3c894307358d99e0d666e91a8018.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_d9ae3c894307358d99e0d666e91a8018.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 3192\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\ncf-ray: 9e42ef709c68bdf3-AMS\r\nlast-modified: Wed, 23 Aug 2023 05:40:31 GMT\r\netag: \"64e59bcf-c78\"\r\nexpires: Thu, 27 Mar 2036 00:18:08 GMT\r\naccept-ranges: bytes\r\nage: 48224\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=m0nZJi3LgvaIbIDFMDhxCcRPo5W30sbaeA0y26dDfa0-1774829888-1.0.1.1-1PRm2rfti3IeEREfwDGUeRIQF.mN5wpcT9ARkiQtYdVrvFPyMPgSlRgmISMpoTCPnE2fFTL8JVR61POofd.t5MZWCY2E3Zbj2lz4elf.rYU; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3192,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"7abcec36faa73c3c894b361fd966fcf6","sha1":"46f3c98f019e59da6263dc8278edd18eeb5e36eb","sha256":"1084b9e09a8774b738e99814bf9869be91b3c154d88bde64c9eac5e399153b19","sha512":"bbe0c85875f870eafc2ecc05b3c21d5a8c0022f1fe92224e65d3fb3f11d68f5793947b810d00c612361e96bd113a510f2329aab9437de415f5be3e1551800cb0","ssdeep":"","tlshash":"ca616df43548b234e081f076129690e50436be4e219eee17b597737cbf2515cd0c7149","first_seen":"2025-12-24T22:39:16.116509Z","last_seen":"2026-06-06T23:43:56.103943Z","times_seen":54,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/9/19158.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/9/19158.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/TvGames2.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/TvGames2.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 03 Jul 2025 10:31:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=QlDFtdarHN7cp1N25t4DCGQ012I8cYRC_EkK.UhdSSo-1774829887.3785713-1.0.1.1-HZEWywrCckSM037MqFbMtinkeeS46ULn1oz2PlAKZEik7K34.ftQIWbIrZgSYPNCuj6QgN6S5zCAxdKeqnlYv2VYeyUsDSC9KXLQekLwycsy3ri4recfp9yYnMpnEvz2; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lFVhuLyf1vdAVoVBT86WOyE%2BJWhJ0e2yQ%2BUMSn%2FiZNv0vyVBiNuxIjA2ME1wm29RbFDvTzhlKUT6eiOIZZcnK31C3AC48taxBGkACN4g%2FCF3hME3M1WhLEAmk%2B%2BJkhcWa4nqR1yYfu0%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68665beb-8dc\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b60b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2268,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"60d24e57914ca41e702277a9ce44e813","sha1":"bfb08c8dce26d91b1fdaa008ffdea07bc100e0c7","sha256":"144a8bd1616f38a95bc6e7f59283e462f358a2dcf79e10cd7bd256d49e6e4134","sha512":"43503c3df559cc8b5fab3dcd299f5dbfc8d5a6f9dbd458781c53a409d859ed730ffc24420d462b914b4ef96f1d63d9bb508ef733bad33edadc5a2d12b22e4eb5","ssdeep":"","tlshash":"7f4165f9efb091f46dd94fa9ef324cec750e68fd9f220a84812c861c66a3d94d644410","first_seen":"2025-10-09T13:22:28.980997Z","last_seen":"2026-06-06T21:30:11.472171Z","times_seen":73,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/homepage.json?v=03/24/2026-16:50","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /homepage.json?v=03/24/2026-16:50 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"938-QlkLW346b2vIVRB346mLDK+Fnkg\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2360,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"675b507b70f39e07be8925f75058608a","sha1":"42590b5b7e3a6f6bc8551077e3a98b0caf859e48","sha256":"947b6764624290fda0991b5e06f0cc8ec17f469fa6ea3abd374cebd9a25fdf93","sha512":"a11bbe53280dbad32c58212b454a474a02a254a4704964cda44d191e82e32cf6dbf79afb0329eb54200f9b07a4d89a5342b62c726bbe3aa8fb0888cfccfdadaa","ssdeep":"","tlshash":"39415d3d6c10deb8b3a08a23d28267c16546d968c7d44c5c1cedea6ad3ed29d1484fbf","first_seen":"2025-12-24T22:39:16.115426Z","last_seen":"2026-04-30T14:34:08.174115Z","times_seen":30,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/events-iw1xtyOD.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/events-iw1xtyOD.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index.es-Bpw37RR6.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"17fd-RuAxuCUB7S0ljPIyUndEfktgU6k\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":6141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6140)","md5":"bd3f1fd12c3c34313631fb65d0efa876","sha1":"46e031b82501ed2d258cf2325277447e4b6053a9","sha256":"64889c65b6786afa069c8fddebc1703aa0d53a80c284cbbc7bb20e5061e33599","sha512":"38e3ec4a3d2164f9516ec56556ac4ca1b231b8e0c25ed030097a7c4cc38b6129c989ab4b5015c35ee6b9da912a2015a50b4c94a0d4428816dc18bf2155f0f10e","ssdeep":"96:4d9bkM29yWHs9qYfoJCOoRLRlqSpbDq6v3WZHbK3hMSNPaVqsVqH:43IM2sWMtBq6n3PzH","tlshash":"14c144ccb38574b013e7d3abb07f520bf135a598740c5108b61aecf9696bd9e4126b78","first_seen":"2026-03-28T16:05:39.523388Z","last_seen":"2026-03-30T02:15:03.162556Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/AiPromotedGamesWidget-Cb_R6mvW.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/AiPromotedGamesWidget-Cb_R6mvW.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"803-AVKH1EaY7vjmwZc8RzY1ziJbRJI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2051,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2050)","md5":"35044149492f3c3abdc71d6907e863c7","sha1":"015287d44698eef8e6c1973c473635ce225b4492","sha256":"4e8f0db79c7336cafddaefda0cd64290e9aa4fb7b7ac2c430ecbd857b8d01965","sha512":"f37f242eadbb8f64af1f8123243a99234d4155fdc20530f945700bb310fd993f702c80dc739d1c5f0b6d7739c0a16df5599fe2cab89a65bd4b69f77551e2b4b5","ssdeep":"","tlshash":"9b41632b700dca7cf3ac06a49294f34165113b7dd755a0e8baee1901732809d63bdf80","first_seen":"2026-03-28T16:05:39.538557Z","last_seen":"2026-03-30T02:15:03.205962Z","times_seen":8,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/4c4a0ca001587da5897edaf8b417ce5b_casinoGameIcon3.gif","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/4c4a0ca001587da5897edaf8b417ce5b_casinoGameIcon3.gif HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1012077\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 15:37:24 GMT\r\npriority: u=4,i=?0\r\netag: \"697a2d34-f716d\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=ga44eq_HRL.99NGErgPcL_KqoLiSiggvy3RZJ7cEMcc-1774829888.4951642-1.0.1.1-R5ehpPFvUubzENSLn361VYLDND4MUIipoOw3PIoTteWTzKkX.6IJKj6hoi2.cZSl5nWRxNSEuWGw9UHBLSq8po3IFuqlyohj4ITPzLg8RO.DwoKb1RNbb3caXgVr0kX8; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gop6szhftV%2BAwVbp53dZlO1HQzJcD0JDtN3XPjJfyUDiAXvgnXbZBb0%2BX%2B%2FK%2BIwkLZpaz9RR1BUM%2FMSR44TXNzcrUmq1Z3UcImVdlrIQ%2Fh%2FBiBvn9tdRH7F4i%2Bd4IJE2Lr7fOVzcLvY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7318a85687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1012077,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 440 x 310","md5":"df58c9ef6a9fe2400b8068a206bc44c7","sha1":"aeb7477f8725269116ab2348eff848f040314c9c","sha256":"3befa99bdb44c4f4a444f29a042ece4e8b0be8713d1d6201829c01f71f15af25","sha512":"fdd04febfda3eb0ece84ab5e508e3ea2bcb839df95340ceeecdbb22667231493fe695bd1b8bf2f350d19f99d0cb133452c660871809c6f49a36b4777b5845feb","ssdeep":"24576:juvSL8fPnFliz6LiO9pkJ/mZW6OsqHGGKIP3Aem3343zcvcWgHu9pQ/:8SIftk29pMmZEuITEo3sMqQ/","tlshash":"a025339a6f88c1005711f3782e85a55efe359a809f87fdb04e333139f0cda58697a876","first_seen":"2026-02-24T14:18:16.785954Z","last_seen":"2026-06-03T04:20:31.832043Z","times_seen":23,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":484,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/TabItem-BG99olJy.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/TabItem-BG99olJy.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"19d-IGa+UpS0kZ+4k6DQji4Id/SSBNI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":413,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (412)","md5":"e3376ee9a88dd7571d01ed83a52b1575","sha1":"2066be5294b4919fb893a0d08e2e0877f49204d2","sha256":"a18382c584c849316565066c6d9c15135cbd26c13d422af3efd32bd1547682c8","sha512":"d177f55d9d5724b20d061bf15994345f058b742a78c7ca5ec65c8e7ed4a4ab3abfd78d16dd663bbe7431765dd637bd30ef57bbffd4979d78c8c1b80ffa90d260","ssdeep":"","tlshash":"03e02b42a020f3f5982b44d6d26e94c732260ddcda5688e6f0a22050072e521f74ff8e","first_seen":"2026-03-28T16:05:39.471795Z","last_seen":"2026-03-30T02:15:03.16973Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3386dde1-8b24-48c8-4b81-16979e342000?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1688\r\ncf-ray: 9e42ef74bb865ebd-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 81\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEA-Bw7H9k1gZltgcL-Suew9FfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=690+4 c=0+4 v=2024.10.6 l=1688 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1688,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2bffc4df749e3b8f1d0890df22f4bc77","sha1":"ec3033a449dcff239808409c5d96d388a661ea37","sha256":"c7cc404018e711a83cdb04a08a5c5a12f54d1612b3d3cef12a0b7721fccd4465","sha512":"0ef53d6b15c58647ec9f81e562dbda560cd9f6287abf9d07b5e791db37b97879aa57c86637f7213ff127d4d10e4b8528ffc5368e085d8179d18524a4d506a649","ssdeep":"","tlshash":"cb311a52b99510c943825527eff4cd41971398270f3c61734161247349694b22df02d4","first_seen":"2025-01-28T05:59:32.01912Z","last_seen":"2026-06-06T21:30:11.571202Z","times_seen":1649,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/0/787.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/0/787.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:20 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":780,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"215797c58ed29ea1f0801b737485b654","sha1":"a3b6015adde0a008217024ebfa146d5046ab7c4d","sha256":"cf1acffa44b88e2c84bf13ec578079a39cf910df9acbf2cb3eb8809e00dbc364","sha512":"0a56e5a669d105fad484477a6317e43e0f9fa76178c8cd91dbf0e265f3655001f2740f7c2a5c3f1cd4886155ec64d513baec4087eb0561588e4e170e105f04f1","ssdeep":"","tlshash":"060141c399d819ada96e9e7352fa19a4b0a711b61e680c5d3be5c026324519410b2ff2","first_seen":"2023-11-20T22:12:27Z","last_seen":"2026-06-04T03:51:32.503776Z","times_seen":36,"resource_available":false,"data":null}},"time_used":6596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FacebookTracking-hUyPiv-j.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FacebookTracking-hUyPiv-j.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"2a8-aANQexLrHUlAHCEF2u6FKxJZnN8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":680,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (679)","md5":"329b46df00ba81e577a706e48b1ea8b6","sha1":"6803507b12eb1d49401c2105daee852b12599cdf","sha256":"b83ccab6618c28370253e9678c6421f213cdf215b6cfad2058730d6cd2aeddff","sha512":"080bea66c63b2b2aa1116ad04256965e843c9488fc15cbb5d1191fd9a84d18afc2fe86a516b0711f79aa4d2ff78ce54650ab05151b2d9c12470cffaadb26f048","ssdeep":"","tlshash":"3601fe0f2c45b479167c18a8d3bbd81425ba590a258b44a5c6c389b52a2454a80cdb8d","first_seen":"2026-03-28T16:05:39.419123Z","last_seen":"2026-03-30T02:15:03.124178Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e63p1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:15 GMT","end":"Mon, 01 Jun 2026 08:36:14 GMT"},"fingerprint":{"sha1":"58:CB:88:A1:C4:55:4E:E5:46:DC:A0:9C:B3:54:25:79:20:1E:E8:09","sha256":"0B:B5:96:A2:57:57:EC:BA:63:14:8A:AF:4C:C2:32:63:18:8B:75:80:8F:78:1D:1F:5B:00:B7:B3:7E:C9:B7:18"}}},"request":{"raw":"GET /gtag/js?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e63p1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 30 Mar 2026 00:18:11 GMT\r\nexpires: Mon, 30 Mar 2026 00:18:11 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 154269\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":464718,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"fbcdc00d7bc715339ecfb7e871199d83","sha1":"be72eff8839fc4c2a288bd3bf80fcb5a01b76e09","sha256":"9b0afb32e79782c6ec25c784ed165a07197aa02a14189de74e031a06da5c183a","sha512":"c59ec6e08d5f91e1cf343a405f4f13816a4c348127bc0fd7d46e58fee8a5c8333815a15410221dfbbfd7c953b5674cda5f274f6cd3616e679bc5cedfa018da2b","ssdeep":"6144:dCORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:CCEfJlbIY8CmOp0","tlshash":"cea40aceb3d674625296e478903f01cba57b29e2b44cc8a5f189cce02e7465a4277f7c","first_seen":"2026-03-30T00:17:55.465615Z","last_seen":"2026-03-30T00:19:06.732068Z","times_seen":2,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","date":"2026-03-30T00:18:14.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:46 GMT","end":"Mon, 01 Jun 2026 08:37:45 GMT"},"fingerprint":{"sha1":"CE:A8:F5:0E:2D:25:9E:74:0C:47:4D:6C:AD:DF:7B:FC:CE:E6:41:7D","sha256":"E1:06:81:F7:22:E3:29:2F:2A:B9:4C:3F:37:46:25:24:5B:C8:B5:7F:9C:3E:54:A2:D2:DD:E0:54:C0:09:12:C1"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.recaptcha.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Mar 2026 02:16:49 GMT\r\nexpires: Fri, 26 Mar 2027 02:16:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 338486\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-08T19:35:37.488322Z","times_seen":873852,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":81,"dns":1,"connect":28,"send":0,"wait":28,"receive":35,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/payments.json?v=03/24/2026-16:50","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /payments.json?v=03/24/2026-16:50 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=1774829886282; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"1b31b-Dtop2IJmnIaTM/rhtnPQLMCGYxQ\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":111387,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"af2ef31db3af12c57bb7854de9b7a640","sha1":"0eda29d882669c869333fae1b673d02cc0866314","sha256":"85320cadb035451197c8161814447e05a90a77adf5681de40bbd9f9abac07afb","sha512":"27cb2e0648a72a100df77cbec0903acf341cef4933ad106ecd860545946af8ed7817948b0c3d1adb52dd0d6cd39de8ba88c9a0d1141174ae4594cca8ab60452f","ssdeep":"384:qSgZJGtBM2vn7JNdjLV/6+34n7JkYPhiEmnXJJby5FF99ztQX3GtJirkcf7t2uQL:ZjB62YME6bTrFrxfPye/ZEb","tlshash":"e2b3e1a4d8690ce7198572e468bf9207766046478e2dbd4eb75cc82c4fdec0fadb426c","first_seen":"2026-03-28T16:05:39.673115Z","last_seen":"2026-03-30T00:19:06.739346Z","times_seen":7,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/seo/page?platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/seo/page?platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2659\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef6c6dfefeb7-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=WcJFREZyX6OB.gaJXtgviemrGnEJblDAfh3n5G518P8-1774829887-1.0.1.1-j3LuuTa8dFPcEuRxbYXLB1WdbFHiU8f4wGcR4z8Wk1PWTj9CPVdWVjP8xuGJ1ve7BF.bq_51MXinGjK6lCTEJdkPUOjaU.cipte5jnqp19c; path=/; expires=Mon, 30-Mar-26 00:48:07 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7671,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0c3cb355e0745f8d403e214af1595e2e","sha1":"ed786d0ae61ad6adce28150c04a932c4e9bcd6da","sha256":"2b7c48aafa192476fcb639519893f40c28c1de98bd5e66b84769edc55b047be2","sha512":"1c1840626aba24469d43e66cef0893e9627c25afee6ab6a955e6cebf21946e2cf3514c9587cae3c5815a3b7b5ceabdb18cde0fc4b6d5cc52e798e14c7c456b62","ssdeep":"96:E2K/6TXWpoS1kKXplSunUVtRQl8bqOHEyj7fuSE3Ytvkeu5Jbrt:E1yTXENDplfnUtQyDjJE3ovy7bJ","tlshash":"76f10f0e37962d9f038a5fca29564d3c4fd55386fe41a91c8d63ce1e2bcd278d22ae01","first_seen":"2025-12-24T22:39:16.082152Z","last_seen":"2026-06-03T04:20:31.887932Z","times_seen":73,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FavoriteGamesButton-BN7ZNTW1.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FavoriteGamesButton-BN7ZNTW1.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1ab-acWugRX3UDa8tJLzLZ/O6L/jglM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":427,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (426)","md5":"ee070841bdc59fe58ba681e48c775f40","sha1":"69c5ae8115f75036bcb492f32d9fcee8bfe38253","sha256":"0db2eb58ebe873397c13f9600cc61bc72eaeac3c761f67e7627247817e8d5c17","sha512":"8f34ba99cbdb74c3b9bf99376385de93bfffa3b15b158b2a34be897822f5409b3399ac89c815dff374813c95d0cd93733f521b8ff42f486b32b149edeae3f7b1","ssdeep":"","tlshash":"2be0a34b9089d2fa2b425a901107c4253536a87cd759d050409915703e75456c54eb7f","first_seen":"2026-03-28T16:05:39.51566Z","last_seen":"2026-03-30T02:15:03.120672Z","times_seen":8,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/BetslipButton-DUPz8Rmj.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/BetslipButton-DUPz8Rmj.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1a2-pjkIGSVbnV0rz2Al6yfScq8GCWo\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":418,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (417)","md5":"74ac41b2ebf06d37fa7688c50df0f636","sha1":"a6390819255b9d5d2bcf6025eb27d272af06096a","sha256":"ac21f1562a9f1b0a02d4f568f85733632a79cfef2c632693c751ef8c626ff6ae","sha512":"f26f9c951b0fc57f71a4901ec8790519887f7ad72d250fdefe09428800e4345e1223c46b25e792314179a3ddbdfd576aaa942e541f66c60e2217e2a651d30cba","ssdeep":"","tlshash":"eee02bc74948c2fa0746598211068112352659bca241a59180b96da27f78959c49eb7f","first_seen":"2026-03-28T16:05:39.551249Z","last_seen":"2026-03-30T02:15:03.171627Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/jackpot-jNbP6Duk.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/jackpot-jNbP6Duk.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"178-HTAHDn0O0IONuuIsgcQUMPs9DUU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (375)","md5":"c4e89512f1192d8bdeb452c2cce992bc","sha1":"1d30070e7d0ed0838dbae22c81c41430fb3d0d45","sha256":"4a7f2a8747580d38cb522b361b5cc73a8ebcdb6690f3f8d92d7dded5be8a36fd","sha512":"b548c62816c00d3df156b43a8e608d5d7de55931f121ecfda4e7296e5cd65208ffaf60871ba3b035cd43b5e2aae82b0965329a8c9b5a0821de5a23fbdbc12626","ssdeep":"","tlshash":"00e068eed8c08dfb967007552bb018840e2416ca101ec9e4be2672611800b8828f8239","first_seen":"2026-02-24T14:23:51.255604Z","last_seen":"2026-06-07T06:35:51.65736Z","times_seen":99,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets.json?v=1774830000000","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets.json?v=1774830000000 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: MISS\r\naccess-control-allow-origin: *\r\netag: W/\"6c-rLoNYJIMYaJJnEJdD6jW/NBrU+E\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":108,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4ee89984d6fb4aad941e7cf6cc639d8b","sha1":"acba0d60920c61a2499c425d0fa8d6fcd06b53e1","sha256":"adc12bf71cfc37b9889de5d878c36ef74224dd986fcbec05656adb2d12016e22","sha512":"998b96b1f3fd723a177521a6a54616931aa2e0fce8dc23940f0fa573b14a711d210dc1dccc67e69db74abd89413badacfb21edfc081f3fbcb642c1a20ca98b9e","ssdeep":"","tlshash":"95b092885a6dc80033c0e08822856b04f304f1ce8ea7025e201701a88af0b268ae080e","first_seen":"2026-03-21T17:26:39.627607Z","last_seen":"2026-06-03T04:20:31.818456Z","times_seen":53,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"gallabet1066.com/__swarm/eu-swarm-newm","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__swarm/eu-swarm-newm HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://gallabet1066.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: MuAvVTJegU0RNaNlvnuN3g==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: TawkConnectionTime=1774829886481; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 30 Mar 2026 00:18:07 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 4sXnWKPz2rSd53biqsOz8IZGv6Y=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":598,"timings":{"blocked":0,"dns":1,"connect":22,"send":0,"wait":535,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Feb 2026 19:28:29 GMT","end":"Fri, 22 May 2026 20:28:25 GMT"},"fingerprint":{"sha1":"36:C6:D1:CA:01:47:A4:1B:73:8E:62:DB:CB:24:79:4D:06:01:3B:B5","sha256":"11:41:34:A5:A1:10:2F:10:C6:7F:8A:F2:77:75:66:AA:39:99:F9:E7:00:8D:1E:EE:4E:30:42:B7:A3:82:28:31"}}},"request":{"raw":"GET /p.js?f=sync\u0026lr=1\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:11 GMT\r\ncontent-type: text/javascript\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: gzip\r\ncf-ray: 9e42ef847d44b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":697,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"cebc7667967e601f02df39ba19712d86","sha1":"c7d3677008d76115cc41ba1b734aad112c743dbf","sha256":"089867e58a1de5998b0d74b779119d8a30fe54616ea3ce76063a5530163febea","sha512":"80a26888852e4a15ef49580494958b710628b404f4026c5b218daa918280b24a8f2fcc698ac49ee66c6e9b91954c54f5f296abfd4645d71cc32c83d4ba199378","ssdeep":"","tlshash":"2b01c07d5b86312454f634906b2bbb4a743b12be5c535808848d0414a3a8bafa21add8","first_seen":"2025-12-24T22:39:16.348988Z","last_seen":"2026-05-22T17:22:58.055376Z","times_seen":51,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":41,"dns":21,"connect":4,"send":0,"wait":32,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:13.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:46 GMT","end":"Mon, 01 Jun 2026 08:37:45 GMT"},"fingerprint":{"sha1":"CE:A8:F5:0E:2D:25:9E:74:0C:47:4D:6C:AD:DF:7B:FC:CE:E6:41:7D","sha256":"E1:06:81:F7:22:E3:29:2F:2A:B9:4C:3F:37:46:25:24:5B:C8:B5:7F:9C:3E:54:A2:D2:DD:E0:54:C0:09:12:C1"}}},"request":{"raw":"GET /recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 370674\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Mar 2026 00:32:39 GMT\r\nexpires: Thu, 25 Mar 2027 00:32:39 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 23 Mar 2026 04:01:54 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 431135\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":870412,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (703)","md5":"b55b90c630ad899c694dc42582979708","sha1":"f08949879387eb8dd6553c8b0c548c701b5f0db9","sha256":"eb297967f5005eb95dfb369ff9f780a436a67144be372260b6f86f6fe37b917f","sha512":"eb9945688c1c7a4847df769bd9072f9f3be532c697c1b11185b48345162ab6a22c7ac2b8a251c9835e81ad8a8b155d67f0885a1986908cd69b3f9370f5a030d3","ssdeep":"12288:Epo+RhFDORIh355fBjbFOsAi6dhTOLtl5dlV3EZm9eyVbI:UhFDsIZ55fBjbFwZItXB3EZAhbI","tlshash":"ea053bd879127be16372b4f510673009736da826d88c086df6a5d8f02eb194d70f6ebb","first_seen":"2026-03-26T03:15:38.916554Z","last_seen":"2026-06-05T22:00:02.856876Z","times_seen":11772,"resource_available":true,"data":null}},"time_used":417,"timings":{"blocked":130,"dns":0,"connect":28,"send":0,"wait":30,"receive":125,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/0/1040.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/0/1040.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/player-info.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/player-info.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:30 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=cY08mv4oe_apiQAM3WagznKwO9NXP6yfpNdEqN7fuF0-1774829894.308181-1.0.1.1-vg6ZmOXrhrmlHZxz0B0yPXJ64mHO8GXJrCOr4Fsa12qxMjZkqNRrdI43mRR.L9jUZTOBPcJCaNqPnt_tPbOu.5VyFOVHT37V4d.T.CVfMOQXwGt.Dq0zW7SGa7j8Dvib; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ayX26yPrvTqn9UgnmJn0I9xgz8Wa%2FIh%2Bu4rCxPl0jKqQ7IGEssj1e69Ylhw4CWzSIwPNt5nvmmGG%2FvijJpOxZln0MqTHO7dYvjL85o%2BQ%2F6ycyvFdw9N44WqM1vI06usR%2BTtV3Cvu6Ks%3D\"}]}\r\netag: W/\"686270e2-fc\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef976d895687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":252,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"00c69a837dbf2437f1615a82b60d316f","sha1":"1b4bd1e192f12ce5981e7d205064a206bb9483fa","sha256":"8e094d84efd592ef377cf45fffc17cf592725e3df6ed2063350c8cfb71815011","sha512":"a066e0d2c2d7be38f57fcdb8f0124105119891282197a1a28fa5f4fff1f9a75398096b323afd25502ca0e603132b3c38e21ff84b18871674f5d4a1dd1f80578f","ssdeep":"","tlshash":"0bd05e29a070382c1eae186c853885f2910509ba06b00b35f54dab8e8b4b2282154c5c","first_seen":"2025-12-04T10:26:29.969581Z","last_seen":"2026-06-08T11:36:24.28411Z","times_seen":199,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","date":"2026-03-30T00:18:15.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:46 GMT","end":"Mon, 01 Jun 2026 08:37:45 GMT"},"fingerprint":{"sha1":"CE:A8:F5:0E:2D:25:9E:74:0C:47:4D:6C:AD:DF:7B:FC:CE:E6:41:7D","sha256":"E1:06:81:F7:22:E3:29:2F:2A:B9:4C:3F:37:46:25:24:5B:C8:B5:7F:9C:3E:54:A2:D2:DD:E0:54:C0:09:12:C1"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.recaptcha.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Mar 2026 02:16:49 GMT\r\nexpires: Fri, 26 Mar 2027 02:16:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 338486\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-08T19:35:37.488322Z","times_seen":873852,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":79,"dns":1,"connect":27,"send":0,"wait":60,"receive":20,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/languages/en.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/languages/en.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"4662c7c182dfe30065936bfa05f8c773\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 81\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef625bf6dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11595,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4662c7c182dfe30065936bfa05f8c773","sha1":"d1f155c335c31be5947ef8ebf82be1eee2782fc2","sha256":"2d2d85dfc80ec4f42d12bea574d59879d269b5c06557cf888367fbfa9036fe47","sha512":"abd2530371ef02602814b0bed360225c0530615c5db002d61511bca5e8cda0d8da2bd288631ee02da5fbf952b31bd4380284dcd56838277b52654f7d13dc6229","ssdeep":"192:wmr65/bLHzPrquLUVid+BCzfF+npqpe9svKGC6KEt1aZwf1E:fCbLHzxUVid+BEfF+np59L3Zwfi","tlshash":"ed323169ce504ea702d29646399f35437624829b1f54342eb78c91ac0f8ec6fa1f77ce","first_seen":"2025-06-18T04:11:24.033166Z","last_seen":"2026-05-27T07:42:34.836287Z","times_seen":49915,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"101a-bXqCGmLQFoBE+nRnG08dIJ6HHfI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4122,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4121)","md5":"e89155f8d22a4bd0cc9caf5be0c603c7","sha1":"6d7a821a62d0168044fa74671b4f1d209e871df2","sha256":"5463e0f0b2083232839cb9323193c1e3181e0ee595ae503b95cbba6852e5c8bd","sha512":"26e46c18b5a47a38a120c5b328703db33f2cdf0fce63a08eb9b4a6c232378de220dbd376cd4361a136cb453f23db36c4aceabefb44d4d4cf69f75449f253c6f7","ssdeep":"96:yq51X/vpTBeLzTGNlTh6YaZmD/+oRtPeYFaORtTzk:95FCMN654moRdrPzk","tlshash":"13819517e01ab3fce89c14a3502f911e367e0bfcd65604e8d0ad04240bbd859f25abda","first_seen":"2026-03-28T16:05:39.608329Z","last_seen":"2026-03-30T02:15:03.198062Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FeaturedGames-DfIwIlXg.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1ede-VHTsTuqs93R/aPV04ZCHfxfaUMI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7902,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7901)","md5":"99db3268cd7badcfabce503c52da9e23","sha1":"5474ec4eeaacf7747f68f574e190877f17da50c2","sha256":"0c58e6cce6014652c4494c1df481a6231c4235c5c902173681fb94b23d6e91ff","sha512":"6e372a9360b0a38e63d407c556979ec31610924cf35cf7be380343c8c46f10c5e43746a33223a5a2eaf4264f0d521d0a2b72d437d58512fe7bdaea85fb3a1ced","ssdeep":"192:0JY/13fNH4EwDlNKyYE3406hcMO/zHwL4BflCayjae:qkVH4NNPYE34XhASaCV","tlshash":"6ff1fa0ae011ba7de53b49e7b57e6104f57a06d4e7150880d07e2e2919ea306733ff8b","first_seen":"2026-03-28T16:05:39.50794Z","last_seen":"2026-03-30T02:15:03.177503Z","times_seen":8,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/4273/contents?use_webp=1\u0026platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 585\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef709cb2feb7-AMS\r\ncontent-encoding: br\r\ncache-control: no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=nqdiDFD9AkyUDEb8KlOczdxwHvz71279iT12pWqUCWw-1774829888-1.0.1.1-eeD6L_4pAH.6FjOvHnCSFq3jesh8HU4lglqaK1VMpZUupCL16ogvIZ5BLr532qmZn8W0K2z5V_ycw9T8fmM6l1yL6CnUr4X.6V_D_wZPPZY; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1702,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a677d84292afed10e693067e7563289c","sha1":"432315dde2dbaad3add3b77a5e68f3c6e7e8be8d","sha256":"32b0940f6cf126a050c3f648687a9d4238a616ba8bf432b6dd5c2b0b89e87950","sha512":"ccda283af9125698f8574ebfdf1beec21123935c617366392d1fcdccde79287aededd3248efb0acfc09998c5f379048de39cfc9f0a457b9ee32d910bdbc532c4","ssdeep":"","tlshash":"9d319b13b42d9cba6b547b00a4d3394a88ed5847dc0e9570dc898f8d92ee63dc6e32d7","first_seen":"2026-03-21T23:21:16.946823Z","last_seen":"2026-03-30T02:15:03.279338Z","times_seen":11,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-MCEY36CK22","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:15 GMT","end":"Mon, 01 Jun 2026 08:36:14 GMT"},"fingerprint":{"sha1":"58:CB:88:A1:C4:55:4E:E5:46:DC:A0:9C:B3:54:25:79:20:1E:E8:09","sha256":"0B:B5:96:A2:57:57:EC:BA:63:14:8A:AF:4C:C2:32:63:18:8B:75:80:8F:78:1D:1F:5B:00:B7:B3:7E:C9:B7:18"}}},"request":{"raw":"GET /gtag/js?id=G-MCEY36CK22 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\nexpires: Mon, 30 Mar 2026 00:18:08 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 154447\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":464796,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"261c16d9255c574bf4f8c8423c51e46c","sha1":"06883eff9a7ea2ed2d973ef8d0fd090c17322a7e","sha256":"e76fa2fb5bbb6c6b12b1e770e9b4f2d3b501bf8c1307c7ac1011165edf3d4e69","sha512":"eb080754c828730dff443361b84a4ce5c6ab3f87ae38ebb24a7a6cd592949c90dcdc4e6d09ad8ec80da5f4cd5a3dd616fcfb79f9f60347d293c55d5d3fa6adad","ssdeep":"6144:vAaORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:vDCEfJlbIY8CmOp0","tlshash":"03a409ceb3d674615296e478903f01cba57b29e2b44cc8a6f189cce02e7465a4277f7c","first_seen":"2026-03-30T00:17:55.411615Z","last_seen":"2026-03-30T00:19:06.748739Z","times_seen":2,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":121,"dns":1,"connect":21,"send":0,"wait":46,"receive":60,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/e30d09fe-c0dd-4b61-81e2-d6dc09eb9700?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2472\r\ncf-ray: 9e42ef74bb845ebd-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 81\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfSFghIByqO-qpSeiAGASfCVErfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=17+5 c=0+4 v=2025.5.1 l=2472 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c9bbc32ce28fd80253987f2e1f0be287","sha1":"ac50a6c9aaaa9a3fd32f610e9858fecee25be6dc","sha256":"9b9632ed8ef4f6d25483053b956d22184ee488efd3f8c22e0ef2626b974475cd","sha512":"5863d7231d17d3edf58896ef5332bb631d9a5c27d06fb934be7653a6847b8918e92ccb66090e97c8b96f5bd51b3c9ae112d2c4eb9407cfe8f617da98ea3d3dd0","ssdeep":"","tlshash":"f8513b2e28bac5e8bedcb4ce2f90883a3283b7511ad4c45552d80854e35fb41a1db0d8","first_seen":"2025-03-01T08:57:15.902828Z","last_seen":"2026-06-08T19:46:24.946279Z","times_seen":2667,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_4c091674cc1b8a757edda70f9a97662f.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_4c091674cc1b8a757edda70f9a97662f.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 19028\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:45:14 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbeeda-4a54\"\r\nexpires: Mon, 06 Apr 2026 00:16:47 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 81\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=G41FxGnV6xdlh2QFfwjuajvIBequTCpMwsTbTDVdRhU-1774829889.0869515-1.0.1.1-vMrFpX.CtmP8GyN41EsCnhB8qPANhtTIqv1rwwTOH5hLS0p1gq_8PfM4oXWmPujVX03DDV1Ch1iXL_NmSy0oxM_LTmI9izIHNuqm2ZdYL6ekI9t9TGV0LYJxCSDsL9ao; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JaYKlJXGaKahD4VnvfPM5gwl5ktqGIWLFo3z%2FYarW28Jzpjbm7V7AlX8A%2Bp7oBk0l2GYdqNXgWvU%2FqL8%2B2oOlA3drD1%2BDmSvzaUcamzPQkG5LwFqEd4F5EBkSB9sI2YDa%2FS8oUb3xg8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca425687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":19028,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"470ce435d160ed8e1bb2c716c12f2bd4","sha1":"42647d800b75281936e1427193e663f6c6aea371","sha256":"adf12d4f2eef34d98c80198b305fc79522cef8ffe98b36263a852afe7c7d3a54","sha512":"03487ca714d93651cc162135dfc4558db1a3ed137e1386aebdf37fba4957861664f6461c2ee462ad22e21484e3e8d4c87286b1935b412972047668e6a063c396","ssdeep":"384:TTMuAQQFE/lQynoYVSZv8D9gHyuiL7vF11TN2pWeLTmSdF//xIjYhop1uCCKEhN4:8u5K2o0WHNiL7vF172pWATpdNxS5pxEc","tlshash":"d582d13a8138838b86d7388ad4dd1964ba674a4c6d2a3815d37c6f8fd8f114d137587d","first_seen":"2025-12-24T22:39:16.382831Z","last_seen":"2026-06-06T23:43:56.120301Z","times_seen":55,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"vsb51.tawk.to/s/?k=69c9c13e40112be81bba80aa\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2OWM4ZjdmNjA1YzdlZDFjMzc2NDIzNDkiLCJ2aWQiOiI2OWM4ZjdmNjA1YzdlZDFjMzc2NDIzNDktcFIzb09KTEsyM0ZVSmVJZHQxZWVLIiwic2lkIjoiNjljOWMxM2U0MDExMmJlODFiYmE4MGFhIiwiaWF0IjoxNzc0ODI5ODg2LCJleHAiOjE3NzQ4MzE2ODYsImp0aSI6IlEwaVVaNF9wTzJweW5EUi0yS01FaiJ9.XQR-t4mnbn6ytoleg5tsVGX0QF-Y-VGVR2RpQ45qjz8fiKE0JHFVpTpM1xTKkAU0bOkMDi1LdS3dbVYTHrDZeA\u0026EIO=3\u0026transport=websocket\u0026__t=Pqy6jsr","fqdn":"vsb51.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /s/?k=69c9c13e40112be81bba80aa\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2OWM4ZjdmNjA1YzdlZDFjMzc2NDIzNDkiLCJ2aWQiOiI2OWM4ZjdmNjA1YzdlZDFjMzc2NDIzNDktcFIzb09KTEsyM0ZVSmVJZHQxZWVLIiwic2lkIjoiNjljOWMxM2U0MDExMmJlODFiYmE4MGFhIiwiaWF0IjoxNzc0ODI5ODg2LCJleHAiOjE3NzQ4MzE2ODYsImp0aSI6IlEwaVVaNF9wTzJweW5EUi0yS01FaiJ9.XQR-t4mnbn6ytoleg5tsVGX0QF-Y-VGVR2RpQ45qjz8fiKE0JHFVpTpM1xTKkAU0bOkMDi1LdS3dbVYTHrDZeA\u0026EIO=3\u0026transport=websocket\u0026__t=Pqy6jsr HTTP/1.1\r\nHost: vsb51.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://gallabet1066.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 0+Tv07zOcGkYk0crRly/KA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Mon, 30 Mar 2026 00:18:07 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: aukZIeBoHp+lamRRVrHQNQKbjmU=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nStrict-Transport-Security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nX-Content-Type-Options: nosniff\r\nServer: cloudflare\r\nCF-RAY: 9e42ef69cf4135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":652,"timings":{"blocked":-1,"dns":23,"connect":22,"send":0,"wait":590,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useNotificationsProvider-MUlWkG-w.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/useNotificationsProvider-MUlWkG-w.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"5c-GQdVWN0YNlpRf3dTYZi7yuvr/1E\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":92,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"eb992915ad7eb98f91d9d97accb0d0e2","sha1":"19075558dd18365a517f77536198bbcaebebff51","sha256":"c3e7a828f7f806e9743f7f728b72d6404c06e0106d2ef38b118102ee26fa13f7","sha512":"62e575156c52d9151978f1a3d3faffde78050f3feb1e3f175787572c823751a49cd95094bcf81e5b86d4782edce9fd847059a2f0d74456630c1984b4d8022649","ssdeep":"","tlshash":"04b01213044013f0210108dc11194c290e340c3c33428aa06030029815e4089c30ea12","first_seen":"2026-03-28T16:05:39.387326Z","last_seen":"2026-03-30T02:15:03.178022Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-media/storage/medias/galabet10/media_751_81a0a78176aca202a6413bca3746cd67.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_81a0a78176aca202a6413bca3746cd67.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 13516\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\ncf-ray: 9e42ef7098a00a63-AMS\r\nlast-modified: Wed, 08 May 2024 11:53:54 GMT\r\netag: \"663b67d2-34cc\"\r\nexpires: Thu, 27 Mar 2036 00:18:08 GMT\r\naccept-ranges: bytes\r\nage: 48224\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=zmOa4e5t.jAHRYlAUI1EfkyFZlWsuc.PGtMaZ6SaPi0-1774829888-1.0.1.1-e8IXH7T60AU7scBDFkgg.3RVPY1hvYF90YbUtQ5iyKRzqbU56Co0MTwbxJ3ho4SLb8FpmkMyKyNey_TNyCkZdWaKTMDoieUpMnPgGquc5wc; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":13516,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 340 x 340, 8-bit/color RGBA, non-interlaced","md5":"9fdfdff5cb870c3f0abb6cc44f262bb5","sha1":"c48fb4dadfa4e6b4de69ec0e7e02445057c7e0ca","sha256":"308a8c0f3d3f9792d26ea2d84bd633ff1f490ec83375b1613d29c0995f8b740f","sha512":"39264153a485e22fbc442e86234ce24863f5bcbfcd47cad34f5afc8715946825fc705491b2ef888295f017d98f393c44fb28428dd05b829327c7ed38db3d4b19","ssdeep":"384:CvHjxbUGUk1+EVWqPDks5r6BU+xND3AU8h:CvFHoEVvaDsh","tlshash":"6852d0f0ae72adf08ab16c81539d8d1e8473de7ea5913f0361f64077e64e40d390a4b8","first_seen":"2025-12-24T22:39:16.288188Z","last_seen":"2026-06-06T23:43:56.100804Z","times_seen":54,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DYyHkwV5.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-DYyHkwV5.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/DataspotTracking-C_baP2Ds.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"173c-JOBlhdErmKxo6KYymKKE2/wMCpw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"3e83cea06fda45c90db6e4e35eb20af9","sha1":"24e06585d12b98ac68e8a63298a284dbfc0c0a9c","sha256":"400c23c5ceee90af147ddfd42b46d0ffee514aa71fc98c4812de54dd376d5863","sha512":"069c52fc64e764eb382c5897264df04a30d57f2af3f3477f2fd73b9d87d01508bd541b2471f18288a967fc14f764396ab196ce72b5597695f6c12744e4a8b5f9","ssdeep":"96:91SCtCFV0h7FhpokS73sjlsv2InwLRiTvHUgAaQKFJ0FdWpA6u6PEDdxrOq+IHWE:E0ljijHvN0FdIuSEDdxP+Vj8Eu","tlshash":"c9c1a65631907534c6d204a6914f42aeee3e7638f00f50a0b23f9c6d3ba1515caa3ebe","first_seen":"2026-03-28T16:05:39.536639Z","last_seen":"2026-03-30T02:15:03.173183Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/fonts/default/Roboto.woff2?v=366","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:10.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /fonts/default/Roboto.woff2?v=366 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index.B9_sFxRT.css\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:10 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 64248\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"faf8-1a8G5XndX0APgDtOJLwQIHQLC4o\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":64248,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 64248, version 2.0","md5":"b65b078c2f62cb030e8faa332896afec","sha1":"d5af06e579dd5f400f803b4e24bc1020740b0b8a","sha256":"594544184c059f885e1499c36a4147c3d3b41ce4f50252ac245a3a5faea6c72f","sha512":"34c06275b329ac62dddd6eb3981ef47d022d4e841c6a2659b9c648e77caf58277c91d1aa1b1bc432cbaccf9e3a7c89e67a3f41c940637942e692c90db9d910e1","ssdeep":"1536:T4FysiYyiqM4dWrgU2Tx5hpx1/VjrHS+92eTa:T4FyPY+rEATHH/xye2","tlshash":"df5301e2be45d926afc2dbeca3bd561c210eddbd2480d11717d5eaa002c1dbaf07c252","first_seen":"2023-04-17T11:05:44Z","last_seen":"2026-06-06T23:43:56.100029Z","times_seen":2788,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2018.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2018.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/popups?type=per_page\u0026platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 447\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef6c6e01feb7-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=HC1xfDR0FdsUfy2HiQPzDtnEEwGySSLwz9YFrIdvnOg-1774829887-1.0.1.1-GKtmorEocPeNdwGS9o19wXksQahOBrbtE0uRWWcDVnqkA0D6Sjyujuw3yah5Y_QtLqSL_EIJKiXssGgb..1Arabc80KDRnci3ZTxkhHqUIE; path=/; expires=Mon, 30-Mar-26 00:48:07 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":566,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"76cf188f24fd92f8cd823dd321e3e499","sha1":"1d20c5e1b0b25a6240209766e7e8ed0bd49767a5","sha256":"94c248cac51f072e3e59e5428a3e30ea38ebb9fbe4a83057b2b7e8d1c24ef080","sha512":"a7c6c338a282e1addf504acd59d4310abbae28d670c92660342ac85e6d4500b066e4af9bfa3c3d9b4cb7f8bae4aa424d1a1930d84c73ac5d576a8b066b4d169c","ssdeep":"","tlshash":"aef0eb2bb618c8319b0525a1a0826d8f58ba7d2aad0c99009e4fcb8c8270625e9d355b","first_seen":"2026-03-30T00:17:55.456526Z","last_seen":"2026-03-30T02:15:03.281009Z","times_seen":3,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-media/storage/medias/galabet10/media_751_e36e767f918c2e0b1323c581778f3e42.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_e36e767f918c2e0b1323c581778f3e42.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 3162\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\ncf-ray: 9e42ef709e8abd9c-AMS\r\nlast-modified: Mon, 09 Oct 2023 06:12:46 GMT\r\netag: \"652399de-c5a\"\r\nexpires: Thu, 27 Mar 2036 00:18:08 GMT\r\naccept-ranges: bytes\r\nage: 48224\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=NHlcH5s1sxs_ecnIBa7F_.x6LOSFR6kLea5aPJEfvrw-1774829888-1.0.1.1-8GDzbh4sE7nVh3ilYWhiZ.ddb9OvGjl7dVTqgMKqUxPR4eyGC_GQn7y.B.AGZ05hPZgAVrb.m8nWf5BAdzGNDk.OIl50_coFRRSMz5NB7hU; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3162,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"6b367a99bc86c352b5f45eb76ef837d4","sha1":"18d9b34beb5b22f7b086c4f803e6f21a95c3d22e","sha256":"e54c8f4ed20a3052a3d336f6084e083fb5c040aa67d85c170f0380ed0a74b75c","sha512":"c616fdbcf246d21c51373417c69af47c207bc8e6f36d4f3b3c53b83cbfe41bde4562cb147087264c68d1133c7378f477be104e8ab5c3927f7ca732981416c8ab","ssdeep":"","tlshash":"e8510af5f108241fc7a4c9721d59e0d3bd6af44e942d998f70a0d71e343b0a9d1c6966","first_seen":"2025-12-24T22:39:16.355284Z","last_seen":"2026-06-06T23:43:56.119039Z","times_seen":54,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/9/19158.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/9/19158.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1584,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"d91a0dc7f55fdbc7a50a8f6d8c62d68c","sha1":"f923a2992386832c9d75f6e997f6ad86ea90d8f5","sha256":"0502f847f58534681d4d35e91b52fc5bde062c62d8390ab32f5e29445368c123","sha512":"038b6e573de2c1521a0ebabc458fbfed2d2a56330b970d67336c85bafe670cdc7fa8d6cc19224ce868100f41b62132fd955b7832a7a256a5c1b7f4e33e8d2027","ssdeep":"","tlshash":"79310ac72b4b789d7a6b045c27877e484857253d842146492e51e53d2e6a1f102410e1","first_seen":"2026-03-28T16:05:39.418056Z","last_seen":"2026-04-29T13:47:02.767699Z","times_seen":8,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/0/1046.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/0/1046.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"c48fd2ef8673cb902c1584875e961ffe","sha1":"44f708a993f690239254aa49ae15da22ce666c71","sha256":"73fdbaa835f7f918311f93e98da4a014d67d0662fc81dbe4ea1b0f6605c3ed98","sha512":"74b825322bfb1db7630954ec4b3e2478ae12fb2eae2ab417ec97fe7e147b3b03e8d262ea23233ad56da969fa71baadc035455fe6b8da11a30c7dd9364495f6ac","ssdeep":"","tlshash":"0d21b6af5e14d6122d54244ed91718dbed362d7da330a90766bacc08d41a24315ce56e","first_seen":"2025-03-17T08:34:28.417085Z","last_seen":"2026-05-22T22:07:06.215152Z","times_seen":24,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/69c8f7f605c7ed1c37642349/1jksgh73g","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /69c8f7f605c7ed1c37642349/1jksgh73g HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/x-javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=7200, s-maxage=3600\r\netag: W/\"stable-v4-69967ba6a3b\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 82\r\ncf-cache-status: HIT\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9e42ef5e7d8b3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2123,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"94a4bd340dc6119788751c6a95f18ca2","sha1":"c6f23b354a088c909d7aaaf0652561b672650884","sha256":"ee0b8fe37c4386603e789bc7d14c90a3e6f8804f64be931be235b9f90d2c8033","sha512":"4536b60bc7b905811dea575e64c834a051ed275d05727d9073a77134d83d4c3a4f29ebc6dcf06235becee9bd76fc89e906a90537e1b6226139a52edb9742dc01","ssdeep":"","tlshash":"5941edea5b4f1c56b22410d90ebef90ef47220e749da5892870c085272657ad2f8ee38","first_seen":"2026-03-30T00:17:55.400438Z","last_seen":"2026-03-30T02:15:03.168045Z","times_seen":3,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":22,"dns":1,"connect":1,"send":0,"wait":6,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/games.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/games.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=bkPkMlQSb4F2VveZ_KaYQjkHZuZJcXmo9OnPfRQSIgM-1774829887.381723-1.0.1.1-0WajwzqUmmIMrK_OW0xT9Nh1_MprdUIeUdAW7iX7H.PTASqqbKUGEr7wwA4DH3YZVPiA9zw_GLYSeZyaiMFxHlSxhxfyepjKkOWaoBNZVLYPNn76xxmFisa2kVpDeCMT; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aW1%2BWBST4aX7LvucO%2BKgGEi0Y4l7hC5gny4ebswpwnGineG0Dpk4IJMt3xbRja5AerIoQVi7LzGzrI9ZLPirkDg0QdsxFX6wm2v2odi4k5CbyvJyIm6dNDl5ZsC5INZgzz5NI6dWaMU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"6862707f-525\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c2b61b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1317,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1124c704ce353b78a51dd2190edbf761","sha1":"969751af8092f4dfa4450def11dc616eff99a8e4","sha256":"02b58d0aaacddd78f61fcc4a92e72d8526294443ec8e695fe41a763a24d873b7","sha512":"62371f1a27dc5a9f43dc9d738c81641e16ad577f02a50973cd1515f41053160ac5286128dc60ba13ce57271eb462d1f258f830125048ecaad0944f9f5153e39c","ssdeep":"","tlshash":"fe21e14c573150fcfd4fb3e9a32e6b787449f2156823c878c05e45cc268aa4b64dc861","first_seen":"2025-08-01T03:40:47.562391Z","last_seen":"2026-06-08T11:36:24.435879Z","times_seen":1059,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-BPfjku9q.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-BPfjku9q.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"b6b-kncpGZZTmgFvJf6LY3WBYRCk3m8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2923,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2922)","md5":"398568143e29b91d01a39cb130b59bf4","sha1":"9277291996539a016f25fe8b6375816110a4de6f","sha256":"1ebb7de2c487c9cac381d172e2f976282ffee405357432cb4d33c82ced2c3a86","sha512":"a233095558707aac2418e3d7b692523b8bb9af5e7c480c1f0c72d425bf41abcc9a8b676af86cb605977e92ff9a00cd0c28c6755d0de0d9a1928a5266c13c2125","ssdeep":"","tlshash":"d55151c7a042e7f4bfe708e6429b10b074374d5cfe1b44a092be58964958752e35bf4d","first_seen":"2026-03-28T16:05:39.532641Z","last_seen":"2026-03-30T02:15:03.14624Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2056.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2056.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1029,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"d2b4b110fa5bf2a721528dafde9c2a76","sha1":"936f124d1e6e0ab7b9d9302d0210cbe1df27c3cb","sha256":"3fdebc6a4c12abebdd2c921036ac1f7eea79d2e7b45cf002ca546f111bae5338","sha512":"859cfee40dafb827fe3de6ebeee9b103258614b876abd6c6708888dc89c1e2fcc0c589415e3310c1362d7b8a29064ec80d60f96994a422122caf136b60d1e963","ssdeep":"","tlshash":"c611d8d2bbdc12e4df8c719f0635a18570004fd1c2ce52023284e035a785b8a8da28d6","first_seen":"2025-10-20T07:10:30.820543Z","last_seen":"2026-04-29T13:47:02.766799Z","times_seen":10,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Firebase-BQz29U-S.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Firebase-BQz29U-S.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1487f-9RVwtX+90JTaC+sxGpdBudjMANM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"5a7833f78effa1f0d98fe711de9bd881","sha1":"f51570b57fbdd094da0beb311a9741b9d8cc00d3","sha256":"8825b8e95295627a01f597a16173b69bb346e64bf7873da5559e040cdf4cfbb3","sha512":"13c3062da50f0a48a04bf9caf38f787770a31e92d27d6b4dd190d16ff04025f4e90e8c569c86bb350c5757bec0b7251bea5a03e2ae7df3fd8dbf5d07075dc0fd","ssdeep":"1536:N4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Ns1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"3783957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-03-28T16:05:39.472649Z","last_seen":"2026-03-30T02:15:03.120027Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-media/storage/medias/galabet10/media_751_609aa2021173dbc7867be74ac403fadb.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-media/storage/medias/galabet10/media_751_609aa2021173dbc7867be74ac403fadb.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 2609\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: public, max-age=315360000\r\ncf-ray: 9e42ef70a8dd4464-AMS\r\nlast-modified: Wed, 23 Aug 2023 05:40:21 GMT\r\netag: \"64e59bc5-a31\"\r\nexpires: Thu, 27 Mar 2036 00:18:08 GMT\r\naccept-ranges: bytes\r\nage: 48224\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=8c2yiashle6FZ0oHpEKx65jkElxdR7Ic35JbaFIr_WQ-1774829888-1.0.1.1-RgdPGSNkuH6lBg7spsN7pxGc0fP8OTzKPU1evNHRyHbgpY3loZFDRILS_JlXOXs0z0ytrX8dtEU_TahuDsmQtxjj3gc9IBTNOzGujg09eL4; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"7081c9d3ea2a6fa19a82d1f725a61d11","sha1":"3c161f97bafb034eb192b0ef890a5f2e4b3d39cb","sha256":"61390467d0ee7bf0ac7253d9128af3b18943ddc4effe0ef415b1d0ab9e4da2d1","sha512":"0c2e13235adef124de8c8fef5009e25cd362690a5865db9e3ac68b80d9bc4f6e30f13880416a42206ea81cd932ca17912a2bfeee7ade6f647b0c00f46b376a39","ssdeep":"","tlshash":"ab511cf531120e38d6a470339d16dec67804b445c4afc416f992eb2d3da61a478cbdb9","first_seen":"2025-12-24T22:39:15.996531Z","last_seen":"2026-06-06T23:43:56.124757Z","times_seen":54,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/bookingBet-cESIhAq_.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/bookingBet-cESIhAq_.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/DataspotTracking-C_baP2Ds.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"ed4-nTt/fMaW2i/+2xhxVX9DiwsjXXw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3796,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3795)","md5":"02808f2f70ec537c2d34e7d444109b03","sha1":"9d3b7f7cc696da2ffedb1871557f438b0b235d7c","sha256":"bcb2d7b8cd2175fc2d17f002cd0d2292f497b914adda309f5bfedaf901e4ab41","sha512":"ae1b62eaf4c5e2aab0a7f1c0c5e84019eb1906d8dcde9d26831c66f4d26fb0798bd7d89dbf71b5d85470cf7f668119844b96992c51329556aa939d91f51c5c18","ssdeep":"","tlshash":"7a71e664fd20907e67f2317df4de7b426b2c4ba871a19a40ff6b5e0841848cbb534638","first_seen":"2026-03-28T16:05:39.507069Z","last_seen":"2026-03-30T02:15:03.271067Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_c372c2b09b76d984de01cd2413db3fa9.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_c372c2b09b76d984de01cd2413db3fa9.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 25320\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:02:58 GMT\r\npriority: u=4,i=?0\r\netag: \"69401512-62e8\"\r\nexpires: Mon, 06 Apr 2026 00:16:47 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 81\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=cxC0Y4TMDLxpfkUm5qLzhY_Ivl5VHrycIykfTdWUpfg-1774829889.086402-1.0.1.1-KU8PmO_8Gm.6OCvB94CXDgKAX1pYz6b.E7F5lufoveW681fTWxgOFTutfdbuCAGHkEx0Mzkx42POMR5urGNcJz51dVCbhP5B8WSJgbN8WNcj0SGx6jN2zrtagyp4MXGm; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qIq6v18LMVs4kqFSfcMgffs9hVDTxDTcuaZUGcsEO1h0Z%2FCrzXdVg3yfFJM8SDjh70EQGhyzXpCGlbMYIceNAk0ajJlUA8nv9LHWOHixWD9z1Yubiz1542x%2FakfDVDk6dS7xVETVnR4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca405687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25320,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"acc869e91de526af3cc37efa5e7cd714","sha1":"96a65c3c5c64e544be0a75f42e7578147811db69","sha256":"57b2bd8ba04c5fc5617770502b74fbcbe449dbb22377f04e8042147dcc5da51b","sha512":"d35b2e9c750078007a66162e0b7956edb0b85f33f4e5fdaa25c83b7a4bbbb8e7540ff6eaa60d012ba904f0254bf0d35ac531b422eaa44763a785f64f01442722","ssdeep":"384:2AJyeaoQmlt01QNg7DPEqZK5Ud6nw4Gw+Ma8iASXoK41z+I/gYbz0n89B/EV:ZyeaoQmlS1BL6uwLHSYK41+Hc0nce","tlshash":"82b2f1b0154ab6d3708548666c0d3e9017ce8f5034ae0bf4789020229765f5fe4cfb9a","first_seen":"2025-12-24T22:39:16.063814Z","last_seen":"2026-06-03T04:20:31.844925Z","times_seen":63,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":112,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","date":"2026-03-30T00:18:14.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:46 GMT","end":"Mon, 01 Jun 2026 08:37:45 GMT"},"fingerprint":{"sha1":"CE:A8:F5:0E:2D:25:9E:74:0C:47:4D:6C:AD:DF:7B:FC:CE:E6:41:7D","sha256":"E1:06:81:F7:22:E3:29:2F:2A:B9:4C:3F:37:46:25:24:5B:C8:B5:7F:9C:3E:54:A2:D2:DD:E0:54:C0:09:12:C1"}}},"request":{"raw":"GET /recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 370674\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Mar 2026 00:32:39 GMT\r\nexpires: Thu, 25 Mar 2027 00:32:39 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 23 Mar 2026 04:01:54 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 431135\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":870412,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (703)","md5":"b55b90c630ad899c694dc42582979708","sha1":"f08949879387eb8dd6553c8b0c548c701b5f0db9","sha256":"eb297967f5005eb95dfb369ff9f780a436a67144be372260b6f86f6fe37b917f","sha512":"eb9945688c1c7a4847df769bd9072f9f3be532c697c1b11185b48345162ab6a22c7ac2b8a251c9835e81ad8a8b155d67f0885a1986908cd69b3f9370f5a030d3","ssdeep":"12288:Epo+RhFDORIh355fBjbFOsAi6dhTOLtl5dlV3EZm9eyVbI:UhFDsIZ55fBjbFwZItXB3EZAhbI","tlshash":"ea053bd879127be16372b4f510673009736da826d88c086df6a5d8f02eb194d70f6ebb","first_seen":"2026-03-26T03:15:38.916554Z","last_seen":"2026-06-05T22:00:02.856876Z","times_seen":11772,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/withPanelButton-Bpxwaf69.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/withPanelButton-Bpxwaf69.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/NotificationsButton-Ch9T4mRH.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"441-zf48CYHpmiSS29Q//cn1tY9CLK4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"89b6a48fe47185ce4f5c4a33a071c6ad","sha1":"cdfe3c0981e99a2492dbd43ffdc9f5b58f422cae","sha256":"e11eeacaa70afd147e464e1ad09ec130270a1344f5db3f218a6e426cef596ad4","sha512":"0fd698127b2bbf6d6fb73fcfe475cc0d2f8b26c1b87f62c9d2af7bbf1861166fc822fee14ef4868e742bbb1ce5eda186245bf4c4ecae6cd3325c6b886f640844","ssdeep":"","tlshash":"311112e4f5c4a9b1f0c41188577b2cb2759e32c9dce114d031b6c8ea5fe80489a5e9af","first_seen":"2026-03-28T16:05:39.510646Z","last_seen":"2026-03-30T02:15:03.139335Z","times_seen":8,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_a1274caa13ee07a1be1c6d0bd67f8e17.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_a1274caa13ee07a1be1c6d0bd67f8e17.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 154566\r\nserver: cloudflare\r\nlast-modified: Sun, 29 Mar 2026 14:12:56 GMT\r\npriority: u=4,i=?0\r\netag: \"69c93368-25bc6\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=qGdbd9dOgb4VQ3HPvbHZMGXupjhGcVTi1a3zmrtlg0A-1774829888.46984-1.0.1.1-gnablBEkhrOBq.zVgmVBTudSnvI8LeFbpQ4lhNAM59KUiTmUlmT2ASCl_OH1psD6mcKyCaD9EqfegFadvsj23n_hCqC2h3dsmd0Y.fY49eZM1gGnRDsITixRiHaA4dsG; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FsVSU%2FflJs4lCv2Q%2B63srRU1qurVMxiVAVwrLOgZruXGnNb5w2W7OCAvVcPd7j7L9pBn0ZALIBImzfeUYJzpxdAg32ZXSq1WmIbuu8c1cN7ZOs1I76tY4owhNgi2o3QBWzP9glsSYEY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef72e8925687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154566,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8b9a2444453ba1294056b958425f45b6","sha1":"c3b7246990402e20762b9e4587865034d22acdc3","sha256":"4dc282562efcda5e5cc4ba5466709a8170c2cc37efb4be726b14b7cb6e8aa67c","sha512":"bc280a526b2c70d99b0720c677bfadf7f6d95344604979228e13b37b4fa9b5a8485f6f13b82fa4beb53ca95020c95fc057f2185e8a835ccd73cab7f05647e4ee","ssdeep":"3072:XSd5Fu1kESV8U8vlAgaTzl+pL5gLkq7sRHAx7R7jnM5:id5Fu1kESUKEL5gLkq7a67Rvw","tlshash":"62e31347ce72008560cfc415d952c194caa33e999718e2ab2fdb53fa67a34719c49fdc","first_seen":"2026-03-30T00:17:55.489054Z","last_seen":"2026-03-30T02:15:03.216211Z","times_seen":3,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/wc/rewards-main.umd.cjs?v=493008","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /wc/rewards-main.umd.cjs?v=493008 HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 24 Mar 2026 07:36:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: BdMk6Wk8aWRo6lu9Z6ewjaTG_8Au_GVB\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5PxserxJUr%2F3aMwQTHkB3SUVtJjs2HI3kBmBzjcA0Ynlu%2FhKYb0lZn9IJU3FqihSB2YGgxAkVzj7WsjX0uE6BOr6C97uoeLQsSjO%2FDQeAgGwuB4X31iTBqV2CdpzZ%2FQzp9ArKlnXTedGb78AiizZVJA%3D\"}]}\r\nserver: cloudflare\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ceb77ae2808ed96bb38d1b2c27dcb6aa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 07tKVpym-16fy2lTRcAD6ln36Ql4nO03usS5-9vBfkl3Ay9Eu4IajQ==\r\nage: 82\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"a7570e482ddf964f60caa6a8f57a1c1e\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef76cc16b505-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957435,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35622)","md5":"a7570e482ddf964f60caa6a8f57a1c1e","sha1":"ee33327f4bb6eef06278f27b133482c1827ef75e","sha256":"23fa54fd78d3135fc91f2eb6e218cf6bad6177c7582807d095edc2d4eb03600f","sha512":"a0d8c7aa6833ce29a1d6b3226fbc0d23958098242babc6156a2580a6215acd1bd5da7118620c2c3933c3f8c1a85e484474fa5f49789d75fc0424334d98b533d3","ssdeep":"24576:Ilh8uJBnzlhchoxy763W69ht8kjLs638DymN0+o/CeeDHHnmlhkpNR8ehhg:IlauJBnzluhoxy763W69gkjL/E0+o/CS","tlshash":"3c157d9472567434c37795a260be050c733c5b037406c6a8f2bc99a92fd7c9aa27bb7c","first_seen":"2026-03-28T16:05:39.59312Z","last_seen":"2026-04-04T19:51:35.140437Z","times_seen":15,"resource_available":true,"data":null}},"time_used":692,"timings":{"blocked":314,"dns":20,"connect":23,"send":0,"wait":58,"receive":0,"ssl":263},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/casino/partners/751/platforms/0/games?category=406\u0026limit=12","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/casino/partners/751/platforms/0/games?category=406\u0026limit=12 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 1221\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef70cfdbf546-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=NoFzjNQZFOiJws0K2IvoLBvDbYFvndumcSaR6vCpokU-1774829888-1.0.1.1-p5HB5tWTfHga95OAu.ezFuGtLo28CZLxLWZlkk3EuMdQIOh8hzBLkV6_ss5kdPE8ohqR.FPKfmg.MKGbgsDL6GsS5RI.bpt7f5hbYwhwWNY; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5981,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"fd0d965ae6f0dc364d04e0283d70bfc2","sha1":"b6eec32c8588df9375c9857e332004e505c9bcd0","sha256":"eaff2223516634bc1402a4a52e05cac4eb7c6bd67eaa0818834eb5c6100b6e89","sha512":"dd65c3f08f15f9d8085336263082080d527d9d5b5f3b23789cc9c627f14af3d0e4590e39784f9db24d52eb9e838593bdd4df7c29ac9727cb208e52a9f6393f99","ssdeep":"96:Eg1PC71ejYYvkAka1wcweYYCpvYYvxj1YpYYCNCjYYvKUYYvV6Vg01t8t8l17/:Eg1P81ejFvt31jjFCpvFvxj1YpFCN0F6","tlshash":"bdc1ad4a4d34faefbb59094074423c0d9cbe53c2aa8dbe10cc56994e60e90e567726ef","first_seen":"2026-03-21T17:26:39.64763Z","last_seen":"2026-03-30T02:15:03.124822Z","times_seen":12,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useJackpot-D3CfHg5h.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/useJackpot-D3CfHg5h.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"58b-gm2d5dtCf7M9ADywfOBkAG13BFU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1419,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1418)","md5":"2f35f1b682fcc0133730fc13d994d982","sha1":"826d9de5db427fb33d003cb07ce064006d770455","sha256":"cbf704512cfd9422e0d3971b7462ec032c8ea726f7210201147934c832ea8f69","sha512":"d25cceab0749d0952121e522d15436ec05e6947888ebe01f5f8d71ef1195156fd17a625b0691d246911efa23f05f0514e115e6cc7f9c21ea2d527d80c77f7d7b","ssdeep":"","tlshash":"9721e045c059e5f8f5cd8cb10167972a2b3c3f797440a0a0e0ba5ebd57ace45b6a0b93","first_seen":"2026-03-28T16:05:39.405107Z","last_seen":"2026-03-30T02:15:03.166974Z","times_seen":8,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_1e0032d5ab6bc47ae0ff53da48c1e21a.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_1e0032d5ab6bc47ae0ff53da48c1e21a.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18886\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:45:34 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbeeee-49c6\"\r\nexpires: Mon, 06 Apr 2026 00:16:47 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 81\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=MiglRVvFuDv4hbbAxmbG0nYWFl5lDIFK0_HcyqIiYqA-1774829889.0872576-1.0.1.1-3neYfrTG1Z3nQlg6X8zoZ0qEA.VCcC3HBIhkH3rkNHEq7DYWd6OyrvTaHNEBsRUZ.o4PWYY0PPnVOxn8QLy6vfezxrtKZuFmQ2xKpfbo_jAzpmSjqs77a8OHb1i5KxPd; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=julVtD4ykr7CSXOrtFmR7Hv65rjHDJ%2F4mx0zGkJUdUcAROypG9RoUNXZVbYWRSSh%2FzncUXXzUUh2voFCUiW%2BAuL3JpBj4zije%2F0MpyoK92VFNublfq4g7p%2BD0rdZj%2B0mw1FVxeGMkMg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca435687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":18886,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aa5bb675b18fb9ff6ebcefc6c52b2b80","sha1":"aef0af185eab795ed1e66b6fd386bb2bbdf99a51","sha256":"9e57aa30fe310aacb3a5660d08ad36e93609014c63ab91e2674217cc81ebc5b5","sha512":"bda4926c3f51a68f3466aad782bb0e212b59ebc698591699ce3927038ba8a8dfbd52ae66535da875700c6ef2cbbdabb67fdab3a92629c17cf2bdd2d909459623","ssdeep":"384:uTMJDMzfI4dhbysbrfdO/1rYKo5nvpEg8SA21BvLQzOSMGz:XJozfI4/ysbr1O/1AvlD1LQKMz","tlshash":"4082e1099a7934e9329308fe1b21614d31f03ab66c405758db7ccbe410c1d956b6faf5","first_seen":"2025-12-24T22:39:16.22703Z","last_seen":"2026-06-06T23:43:56.14056Z","times_seen":55,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":105,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:15 GMT","end":"Mon, 01 Jun 2026 08:36:14 GMT"},"fingerprint":{"sha1":"58:CB:88:A1:C4:55:4E:E5:46:DC:A0:9C:B3:54:25:79:20:1E:E8:09","sha256":"0B:B5:96:A2:57:57:EC:BA:63:14:8A:AF:4C:C2:32:63:18:8B:75:80:8F:78:1D:1F:5B:00:B7:B3:7E:C9:B7:18"}}},"request":{"raw":"GET /gtm.js?id=GTM-WL4QZ2GQ\u0026gtm_auth=\u0026gtm_preview=\u0026gtm_cookies_win=x HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 30 Mar 2026 00:18:11 GMT\r\nexpires: Mon, 30 Mar 2026 00:18:11 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Mon, 30 Mar 2026 00:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 129179\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":398357,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32337)","md5":"735871e59847a355315f61a4a8d5350c","sha1":"7020d4a05e3cbe1a9eb024c18e7471ee46432a32","sha256":"1f3a47d5c8f38da0283195ffe7d09255abcf0faa6f6fc2a78e3cc6e1ef9d8dd5","sha512":"da7b511a5c0f74714af1f7b0fedd900ec4ac99df7ddc35e5e57b38f154212f57c93d770998b2f779ac8b372e96969f47c282645e88b70d7823f3d93c08f3834e","ssdeep":"6144:FrL5bRuPtxd5hORjaFlrQJlQGXms8WVd1W+rwkQd9DOVe5:FrL5bRuPtxdRlUJlp8IsL","tlshash":"f98419cdb7d6b46643a3a474903f118fb27a28e2b44cd894f085c8d42e746aa1277f7d","first_seen":"2026-03-30T00:17:55.476495Z","last_seen":"2026-03-30T00:19:06.779792Z","times_seen":2,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2406.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2406.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1573,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"6e17becefd3669d19dcd1aec641ac874","sha1":"5ffab63f12a97c4767f676cdb103e21918566766","sha256":"78932828bbfa5dd3326f3bf2d528435d0a9740809a685fb9d83a362972e1cdc0","sha512":"2c287697341a8844f9c95828f37b94489b66c95997d066b4690cda97be6de7ccd81397128437f89b5fd967a42d387a44a9fbaf6e0723b8240796e34da7cc4b6a","ssdeep":"","tlshash":"3631070a2b48bc9bf49d2b78624dc14cb83faa96068c79019e9cd0a5524fd422c218f2","first_seen":"2023-12-02T01:31:51Z","last_seen":"2026-04-29T13:47:02.748017Z","times_seen":13,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/withPanelButton-Bpxwaf69.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/withPanelButton-Bpxwaf69.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"441-zf48CYHpmiSS29Q//cn1tY9CLK4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1089,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1088)","md5":"89b6a48fe47185ce4f5c4a33a071c6ad","sha1":"cdfe3c0981e99a2492dbd43ffdc9f5b58f422cae","sha256":"e11eeacaa70afd147e464e1ad09ec130270a1344f5db3f218a6e426cef596ad4","sha512":"0fd698127b2bbf6d6fb73fcfe475cc0d2f8b26c1b87f62c9d2af7bbf1861166fc822fee14ef4868e742bbb1ce5eda186245bf4c4ecae6cd3325c6b886f640844","ssdeep":"","tlshash":"311112e4f5c4a9b1f0c41188577b2cb2759e32c9dce114d031b6c8ea5fe80489a5e9af","first_seen":"2026-03-28T16:05:39.510646Z","last_seen":"2026-03-30T02:15:03.139335Z","times_seen":8,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/walletConnect-CiycSUBb.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/walletConnect-CiycSUBb.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"7ce-4NL9XQUE1X1LJPUYsilS0smIp/4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1997)","md5":"da47465662d5f1b88313ef72ebb29b9b","sha1":"e0d2fd5d0504d57d4b24f518b22952d2c988a7fe","sha256":"3bab1d05ac548fa6a9da34691fb10a9952e78e39de56d9db8e707490f5693803","sha512":"0caccce9e0a63d128acb707352cf961d8f203ab6088a491971a415a6902229d366a19c5983aa951831611446a97d432ac6eb2fa0aaba7cafee0d82e68688bcb2","ssdeep":"","tlshash":"cc4153ed9a14e4fccd74d1801ac9a709a0268ec6b40d40cb71cd912f0ffd4aad546b27","first_seen":"2025-03-03T02:49:15.275081Z","last_seen":"2026-06-06T21:30:11.623634Z","times_seen":1659,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabet.winwingames.io/check-auth","fqdn":"galabet.winwingames.io","domain":"winwingames.io","tld":"io"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://galabet.winwingames.io/","date":"2026-03-30T00:18:08.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winwingames.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 08 Feb 2026 19:47:04 GMT","end":"Sat, 09 May 2026 20:45:41 GMT"},"fingerprint":{"sha1":"5F:A1:45:1D:4B:B7:61:A8:B4:5F:25:27:8B:2E:35:9F:B2:AE:4E:72","sha256":"80:69:5A:6E:C6:E7:5E:F3:BF:B1:27:9B:EC:BD:81:46:6D:C9:B0:59:00:CC:90:C4:6D:BC:45:CE:D4:38:E5:01"}}},"request":{"raw":"GET /check-auth HTTP/1.1\r\nHost: galabet.winwingames.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://galabet.winwingames.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tQw3vWWX%2BlLHGt9CpwBwrS%2F4NkrikrBbAwlP2T93pd1h9k3lrnDWBdbfHRaVrZ2g6sviW9SmcNJrBM5vUL5xUK%2Fh1%2Fb77phjfQb%2BnxZAIVCCFhqY3vACtV1zA%2B6FgkJSt1bnQygdw7NC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e42ef701d14dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a0fbfc07d732802cbc977cd1df3f2adc","sha1":"97aa8607574c851a0633302a0b56ef67c25ba7b6","sha256":"69c2b8e06630556f0356093d2679ff3a26a9ce177a8c784ce85a52760a2db3b6","sha512":"97af218dccd0b6236b52ec304ff3545a062d74682ae44aa453e32818f2e6aec8166513815ad87a5dfbd4e15b968a5947743c09435dcc01183f73d28bf5e67df3","ssdeep":"","tlshash":"f070000002000a0aaa0000080300022388008c38a32020288000802020830880002800","first_seen":"2023-07-01T06:35:26Z","last_seen":"2026-06-08T12:03:46.615045Z","times_seen":476,"resource_available":true,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/usePriceChange-BUWblRaB.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/usePriceChange-BUWblRaB.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1d6-CZoHa3fJ8KcWe/yW2F0SiEIdFgo\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":470,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (469)","md5":"6c60da2f36cbb5113e240c4511901263","sha1":"099a076b77c9f0a7167bfc96d85d1288421d160a","sha256":"7ce97772d8642a6c697a506574df8b8e8a7d5901e7426c0dbbf4b8bc4ab51514","sha512":"c0e39a25d56ffe6f51d20ad2f19a0eb5b1bd486eaf25f50c05d3c60d9ad40d89cdf64f675e0a650adf78a3b5efa62772dba7f96105ce56a9c61b0a8a550c1912","ssdeep":"","tlshash":"ccf05cbd14901823545f0cc4c26485572fe52ad56bbec31eb230882d37589af06aef66","first_seen":"2026-03-28T16:05:39.423122Z","last_seen":"2026-03-30T02:15:03.22844Z","times_seen":8,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-app.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:09.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-app.js?v=caaa61a HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 11 Feb 2026 13:55:46 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: jD3YWZG5NtFt4BcajB7OMpiBQ.UUxxmD\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lBJNawuKHypWTb2jvkR1v3T%2BYjWQ7FysX22Q%2B5kjpdOv3d8GQcHxx3e%2Fnp7VYsWy5shZ%2FduADO%2BQ9tAaULfZXBmXessFhEUCCyfNRFmiCQPtF16v8gq42NeDRffiE%2B%2FPD5YWjqX3KQWn0yNceVJfpr4%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: RefreshHit from cloudfront\r\nvia: 1.1 d5fd4f36a8dc316ac9f65d9c9b60260e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: qLTPpsimUO847J2TKfSIqCkqk9u02zzTuQZKcIxjWPK21LIMSi7EIg==\r\nage: 82\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"c2b96460440b1358a43a511913fcc46a\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef78dceab505-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":75107,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c2b96460440b1358a43a511913fcc46a","sha1":"815bc669e0c05413dd3618b44e995de5200098b8","sha256":"6a86bcf9466e23eb5dd702ffae4b53f730cde0c3a160ccfff8afca7169cd7c98","sha512":"64c88dfbdb85e2b328f8e690a4829accddbc943dfe479a4210ddf28c872f5fccedd46f23c525e2653f27d6e3d24aefaac7d9500f8027c0f08ab2be0abbe58d13","ssdeep":"768:HQzjpSkGROiRfEu8T3eSwKo2hWN0Kh4yPaw6ANGp2u+A47WFfVVoO4kC:wHpSbROiVJ88hawKV+A47OVo2C","tlshash":"4773b88db1d2badd4de32021535b3604f23b1974542bd484f7acedd52a28b0be227b6d","first_seen":"2026-02-12T21:09:52.719393Z","last_seen":"2026-04-14T09:08:05.884309Z","times_seen":63,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-vendor.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"3b341e35b39f6195793ecaf5db7c1d63\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 82\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef6119703181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82913,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65472)","md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-06-08T19:38:41.244294Z","times_seen":58995,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/widget-settings?propertyId=69c8f7f605c7ed1c37642349\u0026widgetId=1jksgh73g\u0026sv=null","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /v1/widget-settings?propertyId=69c8f7f605c7ed1c37642349\u0026widgetId=1jksgh73g\u0026sv=null HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-dsx4\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: GET,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, max-age=7200, s-maxage=1800\r\netag: W/\"2-13-0\"\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 81\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\ncf-ray: 9e42ef625bf5dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3405,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c9e68a6c01f2203f26e4e27e60bd4f34","sha1":"168f7cab8143cb4749ac84eb68c874c44321df95","sha256":"3b0bec91dcb4a7a624174d2e2226d6c27756b66650cb5926fcea8cc34ec5c22a","sha512":"2c8f688b69378044ab15a61171166b72eaa91c6690f739449d8a3606d8cd5e09362a06ceab213cdff8f9d8d421e278a7fb80f1ff8d27574e267e1d77f249e01d","ssdeep":"","tlshash":"b36153294a15dd7da3cc8283b1df3a23e43cd123e384590de1985d3893ea9ce226271f","first_seen":"2026-03-30T00:17:55.349941Z","last_seen":"2026-03-30T02:15:03.195928Z","times_seen":3,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/tr-D5SL2RUn.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/tr-D5SL2RUn.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"5b3-1BS9IG8drTpzwbmWttBJnvMYgO0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1438)","md5":"3abf0a5430cab7aa01adf0e7c0166bff","sha1":"d414bd206f1dad3a73c1b996b6d0499ef31880ed","sha256":"4848b14db52c1881d2ab6dcd2da96487bf4cb8a0efcac7cce0985707b1510586","sha512":"ae6956e4640909e6186e53a223a9b897c16190ef91601521f9207accb33f3408fe6e8708aab120f63462a4d89619b52e9f0f9eac879b1b96dc627114598f5aa3","ssdeep":"","tlshash":"a431a44c2946eab287015987882f1f04f81d2b087036f1649ba0c561bab09ed807eb3e","first_seen":"2026-03-28T16:05:39.464196Z","last_seen":"2026-03-30T02:15:03.222285Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-6289ff8e.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: \"79b4aa69d45c4b43f0b31fd971b1bbdd\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 1530168\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef69380c8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106023,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"79b4aa69d45c4b43f0b31fd971b1bbdd","sha1":"77122463966366aaa969b55f404af7903b9d8f86","sha256":"34b9a3ffbb7a87b04fe51abdb665588b82d1e5fba4cad27b6d6518228d20c2b5","sha512":"6bc666c4e89838ba9d62ccba15b642154cb69eb86ac22585e64e11eb0bca2ebc710c3c5cf8993a99aa85035e1ae44d566601f6b7649e7d92fa3d72a2f53f252f","ssdeep":"1536:BigMTWFu196wufn32jGDdgaOFUWbaGlDluK1MFY7dZPkx3u4V5pfYMrlSf:4nmuTilGhmPx3u4V5pPrlSf","tlshash":"36a3096ef091b47d8993d26120af3212f3363d55a919d0a8f234cdf859d89c9a127f3e","first_seen":"2026-02-19T03:13:10.618029Z","last_seen":"2026-04-15T01:21:42.737131Z","times_seen":8426,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DnlcLyxn.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-DnlcLyxn.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"26774-7Qf3Ofvizmoq97Objw6U9xD0qS0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"11f328f79eabc9a081454a4b6686ade3","sha1":"ed07f739fbe2ce6a2af7b39b8f0e94f710f4a92d","sha256":"3c4be5a5ce6a35ef80d0c50e62d17f7b3f8b9fd6bcad633e674d59c7171a4d8b","sha512":"edae2ca5ae3917f42f6560d574795d1a571f5eb2bb3f28e36ac5ff5fc7463295cc032749e623954d42057d936474b91a2539873922e8760294e12adae834cf6a","ssdeep":"3072:mBwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:owhFHU4HNwFH7MoOWexZFHV","tlshash":"74f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-03-28T16:05:39.489438Z","last_seen":"2026-03-30T02:15:03.212531Z","times_seen":8,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/VirtualBetting1.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/VirtualBetting1.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=UBto5ck8Facnkum84t2iN2Mv45lSmQI2w25qO1bwuoY-1774829887.3747742-1.0.1.1-DkX8M9VVq_RDikh3tX11YSkSJYlf3p6mQrV4EwpOs617oWOnJJ6CcAln7Aaof4t4fLo7vk2oEJ8WOPLsNhj47NnYHrRBvSO_KhzL.gZnibTyH3RUBf.BhilUXKAJMlwn; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7HaiDhpE2mHsp7ho6e11e1HEuA73WDeRvOgyF%2FEZLy2nCmpyszBesjfD4gL70d%2FOE7sG3sSbEiw2QZRHCuBuh%2Bs1UPAj98YrEBswM5Ft13txTlGqrhH3PZ0GGs1tHu5OIrRi9zyYM9k%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627104-320\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b58b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":800,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d36eb3cba0196446e5ecd1a41eb6a1f1","sha1":"d6f113e0850fe1dcd80528c0efe40b1b9b0e38ba","sha256":"9e07f25c6032cecf5b0bb0c9fd6411af2930a1fa4be994a7c9125a9047e3db3a","sha512":"6eb0be89ad9c5f90473a271a751901c458c9dcabe6116b8fcdd95d97ed741328571fc081f4652f41f81a6a23eb7ff9e89e290b39af1799fe5d75b96ea78743b7","ssdeep":"","tlshash":"9201f1edd57025f0c4882befa76905652bff443b0552bb28ceaa0d0c3fc796d9210422","first_seen":"2025-07-08T10:50:27.844023Z","last_seen":"2026-06-08T11:36:24.236085Z","times_seen":1570,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DisabledMarketEvent.BUY5t_rR.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/DisabledMarketEvent.BUY5t_rR.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"2c4-BlCcUkj/wUUFtw/bsj+lE5hutQw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":708,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (707)","md5":"c0742f5af30b5e1ab1e9e3184a8d4adb","sha1":"06509c5248ffc14505b70fdbb23fa513986eb50c","sha256":"4b6712623061506cf21b8296602cd61def3d0a81b5cee16bd0d245e7275715df","sha512":"7050ab375c9e4b209bda0bd7ce449e76da69f00d56d7a9504a52eef1e36fabfb8b36f9f560d810edb4522247e15d17cf736e929f40503802df2035007d1494ab","ssdeep":"","tlshash":"4701d4c4f98a25344c3a9d0c9abc8fee560a93705ca15d33789a113a4bce08a4a20d26","first_seen":"2026-01-18T14:34:50.585531Z","last_seen":"2026-06-08T11:36:24.478587Z","times_seen":490,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/UnavailableMarketEvent-BMKM2D6W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/UnavailableMarketEvent-BMKM2D6W.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"134-fkWnA5i2F5xtaOdS0avwKbGfQ4o\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (307)","md5":"1ab1e90471648eb242de708c80b8509f","sha1":"7e45a70398b6179c6d68e752d1abf029b19f438a","sha256":"5a2c30ba1fc70dcd7ca3229292fa56415823049898937e7a0f97286274a5fbe3","sha512":"55278ca78d7127c0bbba0dea56f6086edf8dc8a322ea71626df14cb930153417ae9247d0b24c8a2b3ae64be708093559d8e8e45f5675f4fe54e55cf863766f85","ssdeep":"","tlshash":"2fe07d096004bbf6d02518ccce3e4b4d60120ba4c7aa45c3d1b910281f34226360eaab","first_seen":"2026-03-28T16:05:39.509382Z","last_seen":"2026-03-30T02:15:03.17423Z","times_seen":8,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/translations/tur.json?v=1774830000000","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /translations/tur.json?v=1774830000000 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=1774829886481; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"30ccf-LvRNjVOfZO5V076gkANU2ppbQdQ\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":199887,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (63253), with no line terminators","md5":"5c31558bad649a75940dc42df5c5bd78","sha1":"0f376734ae0eb11f832beb6d8800f46ec14175b2","sha256":"ff37927224d6492b858a8fb5775432a8ff488811898bcc452e326b722ea2efc0","sha512":"1f6f047e92fa43ae315551c1efc99f1f3f8e3c683a1d31f8f3ff0ca58950ae6afe7c12a1bf18dd1cdbe0cd71e2bf94df293e9e0f38df61105e07b529b7d36463","ssdeep":"6144:vu+a3k6PQoW83TX+oTo2MuwOcOwqHECKqdpVyKjscd/:G+Ak6I0DTwObw4ECvdpp/","tlshash":"63144c05686e3cfd976207ce74de9e66b0fa0283d150e426ed9dd63a138c767d22b90c","first_seen":"2026-03-30T00:19:06.785658Z","last_seen":"2026-03-30T00:19:06.785658Z","times_seen":1,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index.es-Bpw37RR6.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index.es-Bpw37RR6.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"48144-+MSnfUK6dpESkBk4lbSjYn+7KnY\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49514)","md5":"9df61dc2ccde4dfd054c6b9af8c5e06d","sha1":"f8c4a77d42ba76911290193895b4a3627fbb2a76","sha256":"6827f8b04575955fc94d485b80aeff36fbe2160547ae41fd21390865ccf765ce","sha512":"4c13e2d817e98a74e9a5f3cdbb9fccbea1f35c06875c21e9a62a88c38c49e536fd3711c469b0beed5650b5de129a145e12b76ec19f88d69244cbc4aafcc4eddc","ssdeep":"3072:FzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UVh:Fz77jdU/7sJJMcvYisoljSFN1Nd6UVh","tlshash":"a054fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","first_seen":"2026-03-28T16:05:39.465335Z","last_seen":"2026-03-30T02:15:03.205249Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GoogleTagManagerTracking-RoemoByL.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/GoogleTagManagerTracking-RoemoByL.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"4e04-6+P//YxlnqNotoZ2/sr1SkKaE6o\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":19972,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (18674)","md5":"5fb25ba20ae4131564a868996f7359c5","sha1":"ebe3fffd8c659ea368b68676fecaf54a429a13aa","sha256":"31af8004759616dbecd6205c067386976eb69cfdb2e7a940139aad09210c183a","sha512":"e0913be626432beecdfc4dca91d3dca5ce080663bb64fb8a8346dd2c20974371a7fcece00643a3b2e31a6aec55c09dab66223bdb66cdabc4151f35ea26f47673","ssdeep":"384:IUQbKxoHovyaM6xGBYgoxNuN15pK75Q4Fr1xQkbRgywBJsJF+Fa/BmhsRboAki7O:IUIKxoHsYyNuN1zgviimywfkMF2mhQo/","tlshash":"d692a8cbf96508a0a6bc1fe81b93424738f1ba5ef49144747c6e7c0c223cd0ef2a5969","first_seen":"2026-03-28T16:05:39.4776Z","last_seen":"2026-03-30T02:15:03.175461Z","times_seen":8,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/LiveChatInc-BKOBRr3D.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/LiveChatInc-BKOBRr3D.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"b68-mHawEjW/j0drh3nSIpQtc+ENbfA\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2920,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2919)","md5":"b756d4d1f92e579f1317bf579d849632","sha1":"9876b01235bf8f476b8779d222942d73e10d6df0","sha256":"2509fd9b431b75989acc83f49124dddde3690706feb30f2d747f446832919e1b","sha512":"9ab55631d639d1e6304b524665aa04838e15174e3accb35d92a4273327cfc92e158e97c3e0562338280fa52de60b3cc69c64616caec229e811057bf695bf7387","ssdeep":"","tlshash":"b25133eec43cb4b092ae67d1323f7b5f711a571a94008d31656c4b1af62e4cbc463aca","first_seen":"2026-03-28T16:05:39.498935Z","last_seen":"2026-03-30T02:15:03.209908Z","times_seen":8,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FeaturedGames.BqGfbibX.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FeaturedGames.BqGfbibX.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1baa-UnbJe3DzrIMb4Ue9nTGE64Uyotw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7082,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7081)","md5":"b9d344659eda7f84d59b2ca785922590","sha1":"5276c97b70f3ac831be147bd9d3184eb8532a2dc","sha256":"e89b502316316e94643e2b764cf5688400f9359a0dce35ddb32f4d1b6025e20c","sha512":"56e9d6058b85b8fd878993b2ee6e6ed7f5acfe624e013631471f889e36f34543c3ec77987f452bd46ec2e5c5d93266f4e01a5f80662867760c46463fe4c7235d","ssdeep":"192:TYFnOFceEDvCElpcFpgZFcV3r90CCkPaifKLwp2xA:sFnOFceGrcFp+FcVRWg","tlshash":"cee13115710e3a387a23a1ff26905b8ef4dac0f1de2a2d3ea490272bcad63560535d58","first_seen":"2026-01-23T19:25:36.430155Z","last_seen":"2026-06-08T11:36:24.439872Z","times_seen":535,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/a38db32b-8291-4d25-9aae-4bf4b6e6f300?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2444\r\ncf-ray: 9e42ef74ab765ebd-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 81\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfEskOIKWizVhJrvVnrMlrV9p-fmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=19+0 c=6+17 v=2023.9.8 l=2444\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4b44902a539b26f42ca501a8fc2eca9a","sha1":"c9156f826c8af47c13c4e95a4953987d2c34a74f","sha256":"e1473cf463a4e737486548692bef2ff33e1435ccb7b1d4d9e4428371b57a2666","sha512":"2dd9d9716c420f8d993a738149c8ed8a18bb8ee2034cadb05c3743cbab9ecb9eaabfa064be34e53fad571e80eeebdf7292cb9811a369dd67d51da327fd80fef2","ssdeep":"","tlshash":"db513db78f5778c0ec5c0e4b60017a48e401be0053f0e18caab51dd2069c629d371a8b","first_seen":"2024-06-21T17:22:35Z","last_seen":"2026-06-06T21:30:11.65097Z","times_seen":1640,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/TabItem-BG99olJy.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/TabItem-BG99olJy.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FavoriteGamesContent-CiuAoX4I.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"19d-IGa+UpS0kZ+4k6DQji4Id/SSBNI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":413,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (412)","md5":"e3376ee9a88dd7571d01ed83a52b1575","sha1":"2066be5294b4919fb893a0d08e2e0877f49204d2","sha256":"a18382c584c849316565066c6d9c15135cbd26c13d422af3efd32bd1547682c8","sha512":"d177f55d9d5724b20d061bf15994345f058b742a78c7ca5ec65c8e7ed4a4ab3abfd78d16dd663bbe7431765dd637bd30ef57bbffd4979d78c8c1b80ffa90d260","ssdeep":"","tlshash":"03e02b42a020f3f5982b44d6d26e94c732260ddcda5688e6f0a22050072e521f74ff8e","first_seen":"2026-03-28T16:05:39.471795Z","last_seen":"2026-03-30T02:15:03.16973Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/header.json?v=03/24/2026-16:50","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /header.json?v=03/24/2026-16:50 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"e1-o5bX8SfuIDtHHxp+UHGEMY50Fj0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4fbc119c5c8514e3587fdfa01f205866","sha1":"a396d7f127ee203b471f1a7e507184318e74163d","sha256":"10279aa2fbd66a0c0140d4b4cf9a39b0c9bd14b18bb35f1bd6eb26eab355b9d9","sha512":"9eef97111b2474b705b496860ecd29c7c591ddcb79887d755e5ea7bcf2d578a68bbecdc54ce4f11954f679ff2b8b5cf060da8cd4287a78a1fc3a92fdfc6125b7","ssdeep":"","tlshash":"cdd0a73aec10da7073a0c413c18067801140e514d644485c9cddea5a93dd7891180b67","first_seen":"2025-12-24T22:39:16.192168Z","last_seen":"2026-06-03T04:20:31.884146Z","times_seen":75,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/InformativeWidget-BeeJfdic.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/InformativeWidget-BeeJfdic.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"43f-RnZJF+R3GScu3NHDh4txIiKpdwQ\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"cc3bb3dc26cc413e8130530cd33f1977","sha1":"46764917e47719272edcd1c3878b712222a97704","sha256":"700ac463afa61d312192241e608e724ca8b1378064d91ea45125dfefe02ce965","sha512":"19cc0aba25a81433479e695d99f206516d25750b2caa871d562b1bb00cb854b3d47bdb7519e503fd406be62321bc8d237202739db9e1e45ece7909db85698509","ssdeep":"","tlshash":"bb117986f590d6bdb0350dc44217909579312ed4cf39d4edd8b13004a87450bb6db7bc","first_seen":"2026-03-28T16:05:39.574196Z","last_seen":"2026-03-30T02:15:03.13277Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoGame-ttw0yr5X.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoGame-ttw0yr5X.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/AiPromotedGamesWidget-Cb_R6mvW.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"16ee-K3ImLahwIdbHOrAoYXizPXrTm4I\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5870,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5595)","md5":"89bd8d536c7bd7bb8a6e3bc68e410f81","sha1":"2b72262da87021d6c73ab0286178b33d7ad39b82","sha256":"1fc3bdb84baa35b6847cdbda7954fc6b75a10840a339c14d9e50c655d105e422","sha512":"5bb883e7ddcf0609312bb04df9ce21fdc40850324eb07d3fb041e351ec9c7bbe3b9f4635109f84f387f627f2e5ea68604694aefea2f65662ca62886fc4a277fb","ssdeep":"96:j/1bqI2i+M36ZhR+hoEYxF+OZZ9LWQiN8M+xn5Z9gvWwBVlLVdNRK:zNqIF340T9eKQiN8FxnBcLVdNRK","tlshash":"fac1a549e024ebbdb83a48d9986f102574192fe1de198075f47da839313c11db227bde","first_seen":"2026-03-28T16:05:39.587003Z","last_seen":"2026-03-30T02:15:03.187727Z","times_seen":8,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index.6hr6LgI6.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index.6hr6LgI6.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"4e4-6s/qza/fhzjzJcukzZNSutKCmk0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1251)","md5":"d03ad7d634db584e4aed770123954f9b","sha1":"eacfeacdafdf8738f325cba4cd9352bad2829a4d","sha256":"7dc01c1d9e89862143b3c4cc81a2255e63cdb8412bf7421061819919fc2c6bf5","sha512":"e4641ddc5f100aec535f0f87f4b4cf617ff4fe450de4ed993b3681bec62023646689f9f12edc7b03c4dbf21e0b98081e4e8dd5b0b0a13970fd25946f953bde37","ssdeep":"","tlshash":"f0218ad7190b14feba73a6bf454346ebe5238c5bce63114ab6c21729c4827a2422245c","first_seen":"2025-10-29T09:08:38.623149Z","last_seen":"2026-06-08T11:36:24.390416Z","times_seen":1241,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_f00ad00088322c3724f224ea083d15cc.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_f00ad00088322c3724f224ea083d15cc.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 24390\r\nserver: cloudflare\r\nlast-modified: Mon, 15 Dec 2025 14:03:09 GMT\r\npriority: u=4,i=?0\r\netag: \"6940151d-5f46\"\r\nexpires: Sat, 04 Apr 2026 16:12:10 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 115558\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=pYQXUMelR4.SbbLWXcZVooGJ5C2x7wyoIMIQQH6Ootg-1774829889.0866904-1.0.1.1-532rJdXbp5edNfoEchew9jT406tImciysR_gqBXcQVTfBC2QiXKnNr6CbYa97ivl3IKSYH4FBxVN2L7HBiMQoN.rD4OmD_hCVAkkuDyBZ6RJwNlicvh9sDFCMt546BHx; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tku%2F8hqa%2BlhaWAug6Q7VuDrw8DgUKVhO82FvcUQIrgU4V8bReM1Le3ScupnalE1w6sm2wvUytSxdi7ZieMzDNVprrFFIACms%2BE%2BjQksRWWAMQKO4gIXqZhqPPXjDg6ii48PkXJql5%2Fo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca415687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":24390,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"10a343e21bbc8dd82b9a351018ae46fe","sha1":"ea31b5994a6dbc5e2c49d5f6eeaeb1c6b16df3f4","sha256":"08550d26480f3f6cf58fb6b50ba9c247d35c1eba70b6f2ca467abec7c84a19e8","sha512":"7c2cd2364f94f5a82d27ea07f251eabd2b42a03d1e2ddcb671abb80b897803941c05d8d3e2910c5fcc9844d5fb0e608c6b2063f1bf7c932bcd501efc709f5921","ssdeep":"384:lKjKORGzizM3XqK4PhCDkQcL5F0cqx1/v+zgxjfTE/a7PPY+xbyWBuPcCgfLdC:lQ1GzQM39QEkPF0cSN2zWjfTIfKjBe5x","tlshash":"5eb2e089da8861645c84f4483f4e24d7bb7816dcebaf083e978d0ee835c99b577b610c","first_seen":"2025-12-24T22:39:16.06566Z","last_seen":"2026-05-14T23:49:57.36494Z","times_seen":59,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":28,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api.js?render=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:13.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:54 GMT","end":"Mon, 01 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"5C:63:31:39:A7:BF:00:B2:81:36:9A:4F:63:5D:AC:4E:FF:2B:F2:1E","sha256":"56:0A:B3:57:A9:15:3D:4B:A1:0A:00:8E:9C:83:79:4F:39:31:72:70:02:A3:EF:08:4C:94:7D:30:6F:B3:3E:01"}}},"request":{"raw":"GET /recaptcha/api.js?render=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ HTTP/1.1\r\nHost: www.recaptcha.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Mon, 30 Mar 2026 00:18:13 GMT\r\ndate: Mon, 30 Mar 2026 00:18:13 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1013,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1013), with no line terminators","md5":"0a08a33a7d5da8ec425b814535fabcc2","sha1":"c5f1b387efe0bcbbb546a4c6089817b817a8012a","sha256":"7399aad1937c164a29c9e2b1b9aaf60b5ad4ba920cd9707860484cf84c080bf1","sha512":"558ecc819d0a227000423e8aa04bf91b0f028f0c6261d6b07a6957d71e4bffe2567260a613a0106994cc8d6628a76932e78a2b9e8f1d44bc57664e4885c6eef5","ssdeep":"","tlshash":"631132b21a29a0390f320de1e1ffdbb5e442701cf15889d8a515ded42ebecc7ce04945","first_seen":"2026-03-28T16:05:39.623964Z","last_seen":"2026-03-30T02:15:03.202592Z","times_seen":8,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":132,"dns":1,"connect":27,"send":0,"wait":47,"receive":0,"ssl":100},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/0/247.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/0/247.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:15 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":785,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"e9b7da3c5168ccdfadd7f328b7257a04","sha1":"600429eb57a5a60fc952ab916477aec245bde74e","sha256":"b162f434541afdb3c9ff322a56ea6e40b0e8dfd9b43f8098dce54062e4af1f8f","sha512":"76a7c5cfd10e5fd926a38b5a7c63ebf4ace537f7f10a8fc564b8169b69e651e6c0ed249b3af376ad90c24e24d23e7adc9b91bff2b8d1f7d00cf084b6c55944d5","ssdeep":"","tlshash":"16017518d903687e454af068d5f34093b06b2680749a7c9aadf9c0acaa140d0e2d4a64","first_seen":"2024-08-19T20:31:49.092346Z","last_seen":"2026-06-04T16:23:58.105566Z","times_seen":116,"resource_available":false,"data":null}},"time_used":734,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/3d7eb880-7654-431f-ed84-a25712b45200?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2176\r\ncf-ray: 9e42ef74dbb25ebd-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 81\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfepCHWB1qkSi-cNd1o8wsvD9BfmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=16+2 c=0+1 v=2025.8.5 l=2176 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2176,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7b91b6e5024dfdf6e8a4d61f0f74dd13","sha1":"1614f764ed7b516c7768fae0966abab152ac7d1b","sha256":"00e34844a07301274fc65fdbb65891aa95436b94c4c860d9edfcb96331c5487f","sha512":"c3948fdb40f0f4154fce632acb88cf9cf57ce39d2858e4934d8820c4d5729da238c569448b5bcb6d1780e37f005cb9f5ed60093005cfa451a92270c4c0034566","ssdeep":"","tlshash":"48413ab2c3378c72ce2cb5e3e9b2d5168b449a5a91859afc22413d33a4b145cc4b89e4","first_seen":"2025-01-28T05:59:32.007883Z","last_seen":"2026-06-08T19:46:24.703528Z","times_seen":2955,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/loader.png?v=1773142319","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /loader.png?v=1773142319 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=1774829886282; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 456\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1c8-ia8wVKtM84nn6QXS7HVglYAWgM0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":456,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced","md5":"ce13d4aab7656181924146d7eefb42a7","sha1":"89af3054ab4cf389e7e905d2ec756095801680cd","sha256":"393b5575ab9863a7702eb2a6bd7405f3118d0da53ff1a3257d1d7353a056a59c","sha512":"4153a0d45eb10ca02aa1bca3f3dc78529b3d1a23d582ab9f5831ba71b9a5de126253d469d28276160f1ed27de41049491125726144c40e17a5fe2c26a77406b2","ssdeep":"","tlshash":"14f023d69fe31ffaccc05a9a7437c3710c22824a829936149107009c645ad2f8dc4e1d","first_seen":"2025-12-24T22:39:16.322656Z","last_seen":"2026-06-03T04:20:31.988411Z","times_seen":59,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/menus/header_menu_751_tur.json","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /menus/header_menu_751_tur.json HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"720a-9A5dLpIUNCarEr/I2UmaKC63dcI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":29194,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d766c55012dba1cc9204951524736c86","sha1":"36f4a469ed0063db857486b196932b92b133a597","sha256":"fd6122ecc1400f7ff54feda5882b9c2034e8daa1af1cb5b9db64b321e4446a48","sha512":"93c03479421424c6caa731f0f5b8bc400f60eff6a93f2f0e952ed0a6da3ee1b2f235cd86a9159ccc0198b93aed1d46f33e3770519153ef44cde536de72913e8d","ssdeep":"768:ESqDWDCfBFZuT9o4UrRcMDkJkKzaDCsEP2DFMB0ATF63aT6bkVcKbeSjj:/WVDYufkl","tlshash":"7bd27222e83a4c5393887a3068d50687975542c79da6bc053acc598d4fcfc5ec6fa3ee","first_seen":"2026-03-28T16:05:39.687943Z","last_seen":"2026-03-30T02:15:03.16488Z","times_seen":8,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/ButtonWithAction-Bt3bVpTR.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/ButtonWithAction-Bt3bVpTR.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"10b-n9SH5XGXzfPxdhJVis12VnQv5Mw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"7006a69511abcd67d8bd4d8fcd8c5ee4","sha1":"9fd487e57197cdf3f17612558acd7656742fe4cc","sha256":"f9d6b3b2bf48775f8aca0fe5b06e1701518e6257d9bcf41a9cfa9fc708153c2a","sha512":"6faa14f50166468de40c9c94ad65e0ff29640421114bd6366528c52795306cb71b18efa0cd4a1d604bbf5a9b5db9435fb609e761afcbf218d5c07b3cc356004b","ssdeep":"","tlshash":"52d0958f1441d2f603c5aa90511b811239255d60e7948451c04815b03f35d5dc15e737","first_seen":"2026-03-28T16:05:39.486745Z","last_seen":"2026-03-30T02:15:03.121373Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/SmartMarketEvent-DYGb6D4W.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/SmartMarketEvent-DYGb6D4W.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"393-0vm/FSDlJB64WSQKg4+MGPdUz54\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":915,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (914)","md5":"9a0359779601302b3cc85b6a76bc78ef","sha1":"d2f9bf1520e5241eb859240a838f8c18f754cf9e","sha256":"abb6c03f0cf5385e809cdbc4991cdaf65ff7457d045f6d70593e95ac3b577e4b","sha512":"24bb729c19af36356788e935eb026bf89fc7132b9e962dd6d5928484f9632e9d789a8433176c8677e714bd073565c22fe50da288c99e334acf3309827791f293","ssdeep":"","tlshash":"5311e3d6d581323a0632c8bdd1109f42429c02d7cb210359e58b86f173ad4fda34de59","first_seen":"2026-03-28T16:05:39.528898Z","last_seen":"2026-03-30T02:15:03.167529Z","times_seen":8,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/gameDataProcessing-D5qIumMX.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/gameDataProcessing-D5qIumMX.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"436a-Ekl59pd5p0CRsQ/5jlUehPF7QPY\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17258,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (17257)","md5":"eb755f0c5aa5f4eec5a299d8ba09bfff","sha1":"124979f69779a74091b10ff98e551e84f17b40f6","sha256":"f7fa2ba43cf9df83777b3dcfb9479f5b276f866290d7e59bc423baf77be3e78b","sha512":"160bd3c6c8d004140373e06a4531eef8a800487da0ec8b1426d32bf01f7526bdc105e2931deea2cbcb47bbaca0ea8ce89f27f097d1c07f9740b344fbf20b7ef5","ssdeep":"384:8wphrrZxhxlVz12awqhvTXDsB4Pzenac0aw5K4A1nV:8CptXDe8QiAX1nV","tlshash":"8d72750b8a024c12c97e4639c0aa15f1b9781b32e8b8cdd51a655c7afb5fa5b31e173c","first_seen":"2026-03-28T16:05:39.564915Z","last_seen":"2026-03-30T02:15:03.146789Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-7941cc06.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"09a6b2a4fc1400ec37c1115e6aa1670f\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 402826\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef69380a8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53530,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (53411)","md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-05-27T07:42:34.882187Z","times_seen":34008,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DYyHkwV5.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-DYyHkwV5.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"173c-JOBlhdErmKxo6KYymKKE2/wMCpw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5948,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3085)","md5":"3e83cea06fda45c90db6e4e35eb20af9","sha1":"24e06585d12b98ac68e8a63298a284dbfc0c0a9c","sha256":"400c23c5ceee90af147ddfd42b46d0ffee514aa71fc98c4812de54dd376d5863","sha512":"069c52fc64e764eb382c5897264df04a30d57f2af3f3477f2fd73b9d87d01508bd541b2471f18288a967fc14f764396ab196ce72b5597695f6c12744e4a8b5f9","ssdeep":"96:91SCtCFV0h7FhpokS73sjlsv2InwLRiTvHUgAaQKFJ0FdWpA6u6PEDdxrOq+IHWE:E0ljijHvN0FdIuSEDdxP+Vj8Eu","tlshash":"c9c1a65631907534c6d204a6914f42aeee3e7638f00f50a0b23f9c6d3ba1515caa3ebe","first_seen":"2026-03-28T16:05:39.536639Z","last_seen":"2026-03-30T02:15:03.173183Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/getLiveGameAdditionalInfo-X6I7keVs.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-X6I7keVs.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FeaturedGames-DfIwIlXg.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"47e-yn0YGux+JL+IBxYo44pZN1Wb1J4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"1fe279b3908651bd999d78e09f81fa92","sha1":"ca7d181aec7e24bf88071628e38a5937559bd49e","sha256":"1c5e1bafe5d307297e9378e140676f593441bdbc68d4dc48db0b90652cf1cb8b","sha512":"0797f7005dccb782502173de5777b13fca3fcaa66332f418bd392a931dde6bd3e26ab1ce243ec3317948e54c52c36c1453636b2f0e514450a58640148b416ae1","ssdeep":"","tlshash":"332114b6606e93bba5c9499456b01b31a2b5ba05380445ccbb3cca191877884a7e2039","first_seen":"2026-03-28T16:05:39.642086Z","last_seen":"2026-03-30T02:15:03.125629Z","times_seen":8,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/164ad8f5eb7d9e506f4fb19575dabfc2_casinoGameIcon3.gif","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/164ad8f5eb7d9e506f4fb19575dabfc2_casinoGameIcon3.gif HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 2448055\r\nserver: cloudflare\r\nlast-modified: Thu, 13 Apr 2023 14:04:22 GMT\r\npriority: u=4,i=?0\r\netag: \"64380be6-255ab7\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=VszFPL4ny4ck6G3nW4TEmgS.ZF95E68BbE5To8P5sc4-1774829888.4945595-1.0.1.1-0LLY_.DzZm6Ad0MMuKOBzPeb2ViBbX.QjYJNBhODKkJK1DI2thlTrnPXd_5uX57qlZ2joUvmJGUqBQiQz17sQeR.pX3xdmaXtJOmGKaPWhid7hlGkwQVvyb7xmVaC.Wx; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5CHMoxz%2B1U2acCXW4BbGdHDTOqfqIYb223VkDlzhSIHefSa8ROQlRGr7o3lO7Cp7b8J6aECaaOMCYTBspcaaO%2BtP2jwfU%2FsmUlYIq%2BFgHP4bj2s2Sc%2Fk%2FIiweebtGS1yFZVSBSVe3mw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7318a65687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2448055,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 440 x 310","md5":"84620e71035d1ac7a8b9a1f43bf60071","sha1":"047b4233e87e5cb2800e460e78c6e1662c970267","sha256":"e2ee766643a69bbb03ce8659171cbb6b7006b5a7dfd2d6a81c587d126a54ce55","sha512":"0f1a9c8402b8cbb386a1e92ffc41d0895029a317e18a0735cfc775fdf5a524db6dd461f7cca11bde5dc051941832d677ed2a73d8c977fe82b38451d59cf65074","ssdeep":"24576:yrzDgR6oyBYBNr8GcNBqYQMRyUhKa2ZCwmJ6TXu50YEE3rHBRlhN/:koQnBUxCbB3iCwm8Y+EjphN/","tlshash":"172533f44255d6e39af8f042f142259b204eed79c3a0b69b3f98d104dcecde9681af19","first_seen":"2025-12-24T22:39:16.299133Z","last_seen":"2026-06-06T23:43:56.073254Z","times_seen":30,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":463,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/FavoriteGamesContent-CiuAoX4I.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/FavoriteGamesContent-CiuAoX4I.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"ae1-xQmdx1+JqNMqNQ2+ER86QmnfWoM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2785,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1707)","md5":"1c1fbe960c6af46770f31f974364c95a","sha1":"c5099dc75f89a8d32a350dbe111f3a4269df5a83","sha256":"2106b9535d3a8639be04578a9c8ebb498a3f07c848a834aacd58e411dddc981d","sha512":"97b1e193c606c567b7c99ca10a8600edd40d5314fd766e54ce54aae5486ef758b4fdd3290ed2ce58f10127c1bf9fcb3aab01c42b90a952b05cbb41d59a6cf75c","ssdeep":"","tlshash":"d751a50051415ff9bb8f9ed66e17d0a419b6074ca246c17da8785e3d341da007237ffa","first_seen":"2026-03-28T16:05:39.427402Z","last_seen":"2026-03-30T02:15:03.138643Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/lodash-mq4f_UMN.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/lodash-mq4f_UMN.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"285a8-YqlzwbytGs6OflkUA4HDxYzmiEw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":165288,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35300)","md5":"f8720f0f29964a56710f60e77afd1621","sha1":"62a973c1bcad1ace8e7e59140381c3c58ce6884c","sha256":"e2edd84139ebd5db6d21a8b18f1235348ed9cf7c046c87f1aab29826cacf02f4","sha512":"9e98a629a56bb137444cb533005b46482afda1668df60a44ddee9a038a9af57677cbba38e2c6413a089ce14ed9459814b5c7705dd5ec25704c0e8be0bd23f3a9","ssdeep":"1536:Tit6Yc+cPLTG4Z/e1tR8LWqpx7E6GyT1SCeES3n1dPdy0D5zKKif78dqHQ3DKmLo:TAcqwWq6yT1EedNHYDKmRfKMa","tlshash":"76f3a0c835d7f4a183a7287440bf084ff23dad65a84cc550e1aae0dd7db89298277e6d","first_seen":"2026-03-28T16:05:39.430528Z","last_seen":"2026-03-30T02:15:03.204731Z","times_seen":8,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-BW_ti3FS.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-BW_ti3FS.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"466b-S8d6sjkGo0aWBM+MuGyP8oVlgY0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"2dd75fcad69ad5f5c2f546ad21dbd00a","sha1":"4bc77ab23906a3469604cf8cb86c8ff28565818d","sha256":"51469018a1994e685c695564b1b189995059786ac932f9d3babf2fb06cc400df","sha512":"45c33a2ff69129346d028e14bc3e2bfdb757445cf03e60e3048501a6b007a4ee55aab58bb82c45bff5c5c17271afab127e4134abf856dfa8cbfda861f98a7298","ssdeep":"384:hkMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJG:hkMci408FFnJrIjE3D/OY2E0xqpc1NK4","tlshash":"55820ad0e2b4f7a602e85adc80392074f2248c28343dd0f1b6b6edea74664cac56dd37","first_seen":"2026-03-28T16:05:39.578625Z","last_seen":"2026-03-30T02:15:03.22647Z","times_seen":8,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Odometer-CVaM43ag.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Odometer-CVaM43ag.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"3d08-lFkApsI68G0Q7p7pezUyx9NGA74\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":15624,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15623)","md5":"7ce0493e80abab5b502971adf63e2c5e","sha1":"945900a6c23af06d10ee9ee97b3532c7d34603be","sha256":"1f330e0f505666aeda740fec841089b5efb4cba906b2c8c6e5875e4a7bc7fb02","sha512":"ba03da5413f32a34f119078a3a4d1c30367cf37abb950fb8cbace215ac90ced02f7a8f939c5155cf02b5c92f099d8ca9650dfd09019b33d8f94f57e4d574e6d8","ssdeep":"192:Hd7+NJtQaM1S0KCL529Xskmkjm6H/I7kauLPH7BNeSYpkYxSBrC7TlFa4PFD:kVQaM19K0khm6m6H/LPyFtUhkNPZ","tlshash":"3d622a897922723443a3b2a055bb4609773f5d6a3809405db67caeda7e32c09d12bff1","first_seen":"2026-03-28T16:05:39.445042Z","last_seen":"2026-03-30T02:15:03.137514Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"gallabet1066.com/__swarm/rgs-wss/jackpot","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__swarm/rgs-wss/jackpot HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://gallabet1066.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: v2IBze1h6PHNOi2UPf0ejw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 30 Mar 2026 00:18:09 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: wh60xBKvZZUpRvDpDcqzwuI/msk=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":826,"timings":{"blocked":8,"dns":7,"connect":180,"send":0,"wait":523,"receive":9,"ssl":86},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index.es-Bpw37RR6.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index.es-Bpw37RR6.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/WagmiConf-B3PbL1Lw.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"48144-+MSnfUK6dpESkBk4lbSjYn+7KnY\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":295236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49514)","md5":"9df61dc2ccde4dfd054c6b9af8c5e06d","sha1":"f8c4a77d42ba76911290193895b4a3627fbb2a76","sha256":"6827f8b04575955fc94d485b80aeff36fbe2160547ae41fd21390865ccf765ce","sha512":"4c13e2d817e98a74e9a5f3cdbb9fccbea1f35c06875c21e9a62a88c38c49e536fd3711c469b0beed5650b5de129a145e12b76ec19f88d69244cbc4aafcc4eddc","ssdeep":"3072:FzCw7+KZdQZv/7VXKAMJtSu7vYK9u6INz8P1jXJphlzfl8FnN1Nd6UVh:Fz77jdU/7sJJMcvYisoljSFN1Nd6UVh","tlshash":"a054fa8472a7f47543d665a8943b1542f23a5c64700c902cf6acfceebdac4499a3bf78","first_seen":"2026-03-28T16:05:39.465335Z","last_seen":"2026-03-30T02:15:03.205249Z","times_seen":8,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/Sports.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/Sports.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 03 Jul 2025 10:12:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HSRpMrMno4a8HCcZFkjeq_eBNVQuO1yOKUuOr8FNNG0-1774829887.3919907-1.0.1.1-pFFdx2kWfE4sHG7J1rRxQQ8xfvBchmUlk0tqECxK3srUXJDu3Mw.Ll27AfjRKlL3EBG4u3RchIJvOF7vSD1PUf4suQnBqOuWP24tpGPD2Pc2sWdZtRCZ.LcH01nkkGhe; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wcxCrcokrznMS%2BrA%2FkUoMn7wOrnABIb5cK%2FtiQ8ZdvQiOatyFgGP0XdziLlRGgZnTuxL8mR9AOtNS7zXWl0zJgnfcqqxWduUjwPgxHbtby8woNgidYLSrUOuOoHXCR6kjTDL8jw6mak%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686657a7-82e\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c3b6cb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2094,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e98bc5be7f5882a72abf78d11dda926a","sha1":"d835544d895a4817c210e575a6a99e08c1e2f095","sha256":"bc7880489b92bad21b9475577a93515e928dbc3fe62bf09e014e973e124ed223","sha512":"966b29438ae513d771a33e04b1f0566a70d205ee6698d6b2c7f1b00c7e263311652d392fc3f4251256866bbc2b0abf0dfa35698aaef8bc160847938a33a8a184","ssdeep":"","tlshash":"3d410018c3b983facc45823c5035a5b83a4e10ffa8a0f3b4996e95a47a420dc95cd6ed","first_seen":"2025-10-24T05:32:28.392126Z","last_seen":"2026-05-17T19:23:31.955994Z","times_seen":54,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":62,"dns":18,"connect":1,"send":0,"wait":77,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/SystemBetCalculatorContainer-BXahpv9w.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-BXahpv9w.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"378-mGZSot3UMrmMUzkxsiWnifxO6+0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":888,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (544)","md5":"929928ab8a7615f346915b4f66c5040b","sha1":"986652a2ddd432b98c533931b225a789fc4eebed","sha256":"5873d309db53f9e5c74a0dd19ee024520a969055ae6cc6b31f8d114b26069f64","sha512":"7b08a6721acd51c7d73e5867534a5f740e838ba1e62701f26f8feaa34ada76d5582f2379b9f0c82c2f373c7177cd824e4598d900eadb9af69be501caf1b4d21d","ssdeep":"","tlshash":"ee11ef275754ce74888e0ba2094664650cf507185a09f628f6b44c38e018483c3ebffb","first_seen":"2026-03-28T16:05:39.45624Z","last_seen":"2026-03-30T02:15:03.166439Z","times_seen":8,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2063.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2063.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1559,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"020bad0dcabc73a76d56e085e25e3a6d","sha1":"dfac34ebcb389ebf717f675fce52670f2ba7acf1","sha256":"c6a072e155527d38e803c0be8b29c3c9707cb495260691ad23aa4c1cba8e7ff1","sha512":"8c5afb736f545f54a9b21ab072faecf0cbc9d8e369bbb69eae44c45acf69645fed585204f69c3a7c260a500633a435db7c172c0ba25dead2308de718f7913c17","ssdeep":"","tlshash":"38310ada2b6ece2f00440743b41641603bfb5aa580fd640ec399a12929723294bc1951","first_seen":"2025-10-20T07:10:30.972765Z","last_seen":"2026-04-29T13:47:02.802853Z","times_seen":9,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":391,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/Predictor.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/Predictor.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=FtH5.0U32J4vfaDwPF4Xj_abde6822rz7_XfVGBrJ_w-1774829887.3753169-1.0.1.1-_oWT3j4MEEqoKYHD69.RVYtVGOVI2MDuvgj.9IrHSLtSM5NkP2SqK4UyrJXQJksQ143Exs_6au6nAVFlB_hURT36vyVUGSN6iMXaMofdoX8vtNKPSqGOQ6SnCdSkX3jl; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A7GdIrweAM2LE%2BCoVKWfnyqRotBEtGp0h2%2FWtg%2F%2FIsdHRwAFg9Mi7xnLkGjJFm3rU%2FIdrEk9JAOr6o7WzdajA7OG7fXODj6nkU6gixf51nm1tjZ86sHphE9Q1yW7NNq0skJFr1HKyrk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"6862709c-2ce1\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b5ab509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":11489,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9b3949596034c0e170589b0d298d8d80","sha1":"3ef85a6cf846b4e3c0453652cd192a92db48165c","sha256":"14ae74f8558911ae15ae063621fa5b3f92699ca40af8034feaf7da18e1c5b5f8","sha512":"cadc1b604d9bbb9116a00b9cae1c19156c46103627ff76f5040c8f249ed6f0215f662f45a25d9fa1654671e8c6cfa4b258cc01d7f165f4a6d1c443671b91f68b","ssdeep":"192:IDzUUkrlb5YU/aMstNifMcLwW/ykO8piJesLUoyua7aASt5KsM50FgJGPbdGl+Jv:Ehk5b5LCNi1LJ6gsM5KgEPJGl0v","tlshash":"d2322fe7cb30c0e038de25bede2a5ed93a1ab4bd5ab1d044536dbc09d6c3dcad628540","first_seen":"2025-08-06T06:15:59.472831Z","last_seen":"2026-05-14T23:49:57.427522Z","times_seen":97,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/NotificationsButton-Ch9T4mRH.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/NotificationsButton-Ch9T4mRH.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"22e-s8wQg9JDKV3RJjbn6gB7QiQBJnk\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"5fb31f00e52440a0d2c363b9e2040e4b","sha1":"b3cc1083d243295dd12636e7ea007b4224012679","sha256":"6d9ea89253e66d4d0923f3284d0541cca09b63242f1d02c4767afaeb842df94b","sha512":"2a6ba46d4496de9896989cee8ea4ff0536632bee7cd723452e89e5ccab344cc446f1b05b70712759aa0ec943b29ed46f1be5b36ef57895a30da6554a2ecdc485","ssdeep":"","tlshash":"26f0208be9a8d5f51b824a21622b9016383b6d3cee0b548004a62ca9173401ac58fb9f","first_seen":"2026-03-28T16:05:39.407956Z","last_seen":"2026-03-30T02:15:03.184898Z","times_seen":8,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GoogleAnalyticsTracking-XfS-t3v-.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/GoogleAnalyticsTracking-XfS-t3v-.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"3588-mo66QpwFUMNkl/O+ZfXUO/GYR5Q\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13704,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10208)","md5":"6778172e064a8f5e326ca0e9470a5158","sha1":"9a8eba429c0550c36497f3be65f5d43bf1984794","sha256":"1f1614773c7d90ad19e37324462180bd8efe2952be950c3f5d62ca68c9067e39","sha512":"8db856e9fff27df937c2d60cd22d95f3cb98ad2fa89976c297ffdce075647b52c06d32d98273ee35ee63033387343d06acce4a069972974827eefdc2e44cab25","ssdeep":"192:HWYceR0SE+m/CTb3bHXCT76hoxGE0VK7D6L7kBNrnPWh52Lz2PM7mBE:2YcoE/CzCIEP3Byy2PdBE","tlshash":"3852b55c32adb0b682df6054487f720bf1755910a458f480a265edf46ef8caf02abf36","first_seen":"2026-03-28T16:05:39.414374Z","last_seen":"2026-03-30T02:15:03.148843Z","times_seen":8,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/09f008809752fa26a75d239cb44d5b30_casinoGameIcon3.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/09f008809752fa26a75d239cb44d5b30_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 44112\r\nserver: cloudflare\r\nlast-modified: Tue, 10 Mar 2026 08:26:06 GMT\r\npriority: u=4,i=?0\r\netag: \"69afd59e-ac50\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=ROXhLi6pjwRzhDTumhvYNGHdsHGVOz_e1c61Jb0QLUk-1774829888.4968026-1.0.1.1-R1QonJ0t0LH4mY5oBu7Al7JzKj88gt4aeJsGANBWJm0BxaG68Sjg_UufQXAJDaG2pWrkVFmD4OxuHyAiUN_KrMKeH2dXfq.KvOdRBixGWanF89XVde5Tc5ezROitG550; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RMz8lu2dF5s25OwnIH6zQdw%2B%2BNRBsqAdmfr00IrRME32omY6BZBhXE7HetIm%2FWg%2BIViLQd%2FXExspP%2BiMrOOVVcIMi2RiXQEOMqpM91TBjWJdTP8VrzZ2wT8bAMap7NNshpPUH9a6w80%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7318ae5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":44112,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f7549e6cedd3d48dfc8f9cc4fe88ab88","sha1":"85c8e7831f050d581e41563b58c9faaa59c5dd7e","sha256":"a906e5378a976d7248efd625b1301442c2d4d2dcde6ece7841020a729123d10a","sha512":"56526826f6219f3bdc49e23de21585670c77ac59288e682f80d7586f9ccd03989791230c9fe114bea56dfc3cf8ffeb9d2dd1052ca5370030dbf02cde3bfecf16","ssdeep":"768:iBBosfm9gY2gkw3Tth2CWvIWoGZqrbvwwh/MEkwr7MGHueVZfTpIYpdC/FroNl6N:6qsW5/3n2rIWarwwh/MEkwr75OeVZfTm","tlshash":"2f13f293ea22570d25ba1ac38743361af43d67913e36abcf06e93ac511417d0f91ad3b","first_seen":"2026-03-28T21:46:03.192994Z","last_seen":"2026-04-29T13:47:02.791584Z","times_seen":10,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/cf166d52a5aeeb827a6e0c5410835b96_casinoGameIcon3.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/cf166d52a5aeeb827a6e0c5410835b96_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29136\r\nserver: cloudflare\r\nlast-modified: Mon, 09 Mar 2026 09:21:40 GMT\r\npriority: u=4,i=?0\r\netag: \"69ae9124-71d0\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=89Jj0MgO.Wb2vR1oSKxbUx9ZtDDXMNTjsCfqeKDWEd0-1774829888.504237-1.0.1.1-.RVr856LpTrP1ewnAFAY_c.kdzADYWmTE.yhQFimRpU2Ni4ivpZpRiXkNK7BbXb4cNJTLL8_.TmFrYXU7sloMs0LT.wvQTd.qnIK1jWVzY.6LCYyXHzA6WDDEa4FfQlQ; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zZ5KVk7RCCKenOvJHyj6VCHicuNgJuXkG4T3AJi1XKYFMdNLcjQEN7TcvvrTkRHavnkbQea5%2F8weziOpvfhIKi3i1F5hIuT%2FZs3d%2BHJswsEIO%2FhB3%2BF0x42g%2BsCbG%2FTca%2Fao1jT5pO0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7328b45687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":29136,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"dc40e59f1eab8f99443b55b935c52ce8","sha1":"1ae116192bb75e7018780fdb2b606adc7f33af71","sha256":"481aa882d89feca935d303d451d205cf642caaeac0d4b6c2732fd151aa038852","sha512":"77752f256330449d91aaa759c6bfbd29384f5b084045553fc679c400f0bda5694a643d65eacf84807a307e0e9aaebc72acfc3d2da68516902d63868cfd8183e2","ssdeep":"768:jyr3l4W8aiIiW0yx+4sEIchyBfldp40DQyKb1SRS/p/KykokbxeR:jOrhji784kyjeR","tlshash":"62d2e222e027b823b0e14ee6fd74f25574bc90cda9bc48f049e1cb635d652cee1ab654","first_seen":"2026-03-11T15:08:03.092681Z","last_seen":"2026-04-30T19:32:29.883823Z","times_seen":11,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2018.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2018.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1096,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"b1ee4810b27c3590ef5819b402fb8e83","sha1":"0a1022dcffe48508af8a0566c0e8bb0bcde94cf3","sha256":"8d9ba6bae0115baa0aa56c574b6d295db7cf97a6b7b8257e0638d06c959ab1c1","sha512":"0a3af538cb360e5c3d7bda032d61a6e9f102b802db324dce5cb390feb85be516bf628a75eba7f9f5b8756f73f0d3255003437e7159108a2d851826133a0a4c1b","ssdeep":"","tlshash":"2111b6984ba40c3f8e0e654a73868cd26f1b01f2d3c0590d96bd8338f2ee5c83106e83","first_seen":"2025-03-18T10:52:19.760615Z","last_seen":"2026-04-29T13:47:02.798783Z","times_seen":9,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/Firebase-BQz29U-S.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/Firebase-BQz29U-S.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1487f-9RVwtX+90JTaC+sxGpdBudjMANM\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":84095,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4779)","md5":"5a7833f78effa1f0d98fe711de9bd881","sha1":"f51570b57fbdd094da0beb311a9741b9d8cc00d3","sha256":"8825b8e95295627a01f597a16173b69bb346e64bf7873da5559e040cdf4cfbb3","sha512":"13c3062da50f0a48a04bf9caf38f787770a31e92d27d6b4dd190d16ff04025f4e90e8c569c86bb350c5757bec0b7251bea5a03e2ae7df3fd8dbf5d07075dc0fd","ssdeep":"1536:N4B1ZtLG0w0MlRdcuwMU51uxIZOLphF4yslNmuICMmWJRvebilqVotWL8Avw+u7h:Ns1ZtLG0w0MlRdcuwMU51uxIZOLzF4yv","tlshash":"3783957d7a922a3317d189ab792f50cbb319c64d390f8394741ec0e91e3e45a45faeb0","first_seen":"2026-03-28T16:05:39.472649Z","last_seen":"2026-03-30T02:15:03.120027Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/getLiveGameAdditionalInfo-X6I7keVs.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/getLiveGameAdditionalInfo-X6I7keVs.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"47e-yn0YGux+JL+IBxYo44pZN1Wb1J4\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1148)","md5":"1fe279b3908651bd999d78e09f81fa92","sha1":"ca7d181aec7e24bf88071628e38a5937559bd49e","sha256":"1c5e1bafe5d307297e9378e140676f593441bdbc68d4dc48db0b90652cf1cb8b","sha512":"0797f7005dccb782502173de5777b13fca3fcaa66332f418bd392a931dde6bd3e26ab1ce243ec3317948e54c52c36c1453636b2f0e514450a58640148b416ae1","ssdeep":"","tlshash":"332114b6606e93bba5c9499456b01b31a2b5ba05380445ccbb3cca191877884a7e2039","first_seen":"2026-03-28T16:05:39.642086Z","last_seen":"2026-03-30T02:15:03.125629Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/log-performance/v3","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"OPTIONS /log-performance/v3 HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-mc49\r\naccess-control-allow-origin: https://gallabet1066.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9e42ef71589e8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/bookingBet-cESIhAq_.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/bookingBet-cESIhAq_.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"ed4-nTt/fMaW2i/+2xhxVX9DiwsjXXw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3796,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (3795)","md5":"02808f2f70ec537c2d34e7d444109b03","sha1":"9d3b7f7cc696da2ffedb1871557f438b0b235d7c","sha256":"bcb2d7b8cd2175fc2d17f002cd0d2292f497b914adda309f5bfedaf901e4ab41","sha512":"ae1b62eaf4c5e2aab0a7f1c0c5e84019eb1906d8dcde9d26831c66f4d26fb0798bd7d89dbf71b5d85470cf7f668119844b96992c51329556aa939d91f51c5c18","ssdeep":"","tlshash":"7a71e664fd20907e67f2317df4de7b426b2c4ba871a19a40ff6b5e0841848cbb534638","first_seen":"2026-03-28T16:05:39.507069Z","last_seen":"2026-03-30T02:15:03.271067Z","times_seen":8,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-app.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 82\r\nx-content-type-options: nosniff\r\ncf-cache-status: HIT\r\netag: W/\"e736e189edb5d0d9d5b8e7f23dd9114a\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6129813181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-06-08T19:38:41.312264Z","times_seen":85508,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/LiveCasino1.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/LiveCasino1.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=HYhqNzhuDq6NORgn04FDXpX0HvqxP3snzKXOYmrlchs-1774829887.3934376-1.0.1.1-_D8Qyv.zDIHpKTV7KOmSa1XxOc.NIu4ZOOoB9TNQiuJb_XdGsqf7kATZtfTXAjaw_p6u4qfCFJOtbNv9UHQfbAts8GPK.7Gz_3bj5cl5kv1GpfQCFkUEaeOB59vl6jJu; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vylAe3%2B3aq0RjhOvu%2BHklEpdhTgNRyq52y1L5qoUkFVEEXNzUeUdlXeGT2PeijAHeHgCmON9rOessVYPSV4DddkvvbfslEKn9eDDxMklJlMV6tE54OsAFe0XCrqq0CrulrXd9%2FQfIYc%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270eb-5d7\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c3b6eb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1495,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ab76ddacc7177297110531bdc4b7b09c","sha1":"9e3a3721140685f8b095694cf6690ebaeac63278","sha256":"67de7a9984a8f57a460e025368985daf653eab425caaa5482cc1f3af17c43104","sha512":"16ce040d64e0b45e159c5a0bc2ee0ddbcffdf3405d0ae5dd70b5d1297f657f9067b8cb03a1e30811720c804e7997d3c57815e9b3db2ace852941fb2a7900ea13","ssdeep":"","tlshash":"ce316de876b0ed7c5c9d3a9ea7195d542c9ede6921007ba5db0c8c90c3cb4089759c8b","first_seen":"2025-08-01T03:40:47.847838Z","last_seen":"2026-06-08T11:36:24.402276Z","times_seen":1018,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":53,"dns":22,"connect":5,"send":0,"wait":84,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/NotificationsButton-Ch9T4mRH.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/NotificationsButton-Ch9T4mRH.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"22e-s8wQg9JDKV3RJjbn6gB7QiQBJnk\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":558,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (557)","md5":"5fb31f00e52440a0d2c363b9e2040e4b","sha1":"b3cc1083d243295dd12636e7ea007b4224012679","sha256":"6d9ea89253e66d4d0923f3284d0541cca09b63242f1d02c4767afaeb842df94b","sha512":"2a6ba46d4496de9896989cee8ea4ff0536632bee7cd723452e89e5ccab344cc446f1b05b70712759aa0ec943b29ed46f1be5b36ef57895a30da6554a2ecdc485","ssdeep":"","tlshash":"26f0208be9a8d5f51b824a21622b9016383b6d3cee0b548004a62ca9173401ac58fb9f","first_seen":"2026-03-28T16:05:39.407956Z","last_seen":"2026-03-30T02:15:03.184898Z","times_seen":8,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/LiveChatAdviser-CdPTlBD4.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/LiveChatAdviser-CdPTlBD4.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"35e-reFE5QIg/I6GcyqIhRY1PIvOT5U\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (861)","md5":"72dd7751d5241be75f878b8c2b8aed80","sha1":"ade144e50220fc8e86732a888516353c8bce4f95","sha256":"ee6723aededa76aafd64e561d0a2eb63a9bebe33b909815e5a36aceaf44da3c4","sha512":"87c9153c186438336b5718602a0ab46103346b48a12fecb6b04d25b7206307cc87ad41a8b893f27fa11fa021e23b5f1b4ece55199066db3cf96fd267225a33bc","ssdeep":"","tlshash":"29112fd6b0c2a3fd6667148dd79a6043300a4fa4c22d0dba807b15a01a2ce09a34efd4","first_seen":"2026-03-28T16:05:39.554024Z","last_seen":"2026-03-30T02:15:03.185401Z","times_seen":8,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/fonts/default/RobotoBold.woff2?v=366","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /fonts/default/RobotoBold.woff2?v=366 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index.B9_sFxRT.css\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 62032\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"f250-sdZeMF6FDN01JzT3hCzd/TDwjQs\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":62032,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 62032, version 1.0","md5":"5c3f2196f147bbbc3583de1008be7538","sha1":"b1d65e305e850cdd352734f7842cddfd30f08d0b","sha256":"c6213e789895a427306e62a03b1a96ac884f58957b4f14e27f8e4361e32bf382","sha512":"a0a556d7d670c7197f1daf9cc7d84b3872cbaa92f916bd092c3831d3936362ddde3e837e4330895a5d53f0783b761ded7d00d126a0a04feaea84d01d12e62f1d","ssdeep":"1536:+07i808sgDXsqfywKCgqTwnXO09CU+O2G48I5lkEGN2iBYF5cftfplD+2U:+epsGXZfeCgZXd9hAGtI56ZiF523+2U","tlshash":"2f53023e9427274226b1dcca96ece2ee16c278fb700119ddb41075ee9f32f814c83a56","first_seen":"2023-05-07T18:24:32Z","last_seen":"2026-06-08T13:19:39.297237Z","times_seen":2663,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/InformativeWidget-BeeJfdic.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/InformativeWidget-BeeJfdic.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"43f-RnZJF+R3GScu3NHDh4txIiKpdwQ\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1086)","md5":"cc3bb3dc26cc413e8130530cd33f1977","sha1":"46764917e47719272edcd1c3878b712222a97704","sha256":"700ac463afa61d312192241e608e724ca8b1378064d91ea45125dfefe02ce965","sha512":"19cc0aba25a81433479e695d99f206516d25750b2caa871d562b1bb00cb854b3d47bdb7519e503fd406be62321bc8d237202739db9e1e45ece7909db85698509","ssdeep":"","tlshash":"bb117986f590d6bdb0350dc44217909579312ed4cf39d4edd8b13004a87450bb6db7bc","first_seen":"2026-03-28T16:05:39.574196Z","last_seen":"2026-03-30T02:15:03.13277Z","times_seen":8,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__statistics-proxy/images/e/s/1/2017.png","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__statistics-proxy/images/e/s/1/2017.png HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D; _ga_2CT6DSEQTF=GS2.1.s1774829891$o1$g1$t1774829891$j60$l0$h0; _ga=GA1.1.1980892810.1774829891; ajs_anonymous_id=8a3528ef-ecae-4d6a-918e-6b61b4f3e7d5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: image/png\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1548,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"4844ff7ee6b4e123809ce9790ebe1323","sha1":"2bad839b62a69344d5d623152c6d7e611e7805c0","sha256":"6b0ee49a7b0c47811df40eea96a0d3180f66af44ff25633cb6f51b4ed6f94724","sha512":"386f4bcaaf1e7f86e6a3a473569c98f6580b63abec56d22150bed70c318dffa8a508064209e9d8ad908aac2d0654a389a2b8c7feeb596912ba458863cfb58e23","ssdeep":"","tlshash":"7831e793ad7d3498c0b8f0252253b8137e7c91fa13196911da988265452b6d887afce4","first_seen":"2025-03-18T10:52:19.835212Z","last_seen":"2026-04-29T13:47:02.744626Z","times_seen":5,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"OPTIONS /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://gallabet1066.com/\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-mc49\r\naccess-control-allow-origin: https://gallabet1066.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9e42ef626bf8dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-geoapi/?type=json","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-geoapi/?type=json HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=1774829886381; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.3.33\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v0niPbQSou046zOokw9Sj6cRvPejoEIxnIqYmMnpK%2BUY%2B5yoNV1jCxPDJJKzZjwoCV11Hmy689IyPJHjS2%2Fx2J%2BnP9D69VRiGWNjxA2RcSCmVKaPNgdHabRBP6yDsPz9iZU35Ro9PbQ%2B%2BBE%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=X7kTAbwMx1Fp9GaxagLD3pdGBOaQPqtndkFCZTOdgF0-1774829886.4503875-1.0.1.1-62CL8TsEwa68DAGKGhk3h0.1IqZQge10kfEcFDnhDoB2BcVT3CDfHs_HEaL6kPzwzDOl.9zZ.xZTFCMPvq._8gqZV6U2m0k9rr68dEIY2yXO2wtWt84k0dUh4qUHKLTW; HttpOnly; Secure; Path=/; Domain=19btcoservice.com; Expires=Mon, 30 Mar 2026 00:48:06 GMT\r\ncf-ray: 9e42ef664feb92cc-IST\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":205,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"e7896ab748ec49fbcd3a58b1c12a1f86","sha1":"971f12df6efe748c6a5f9311e134c0735db343a4","sha256":"b90983ad317016aa94601c3bd3a17e33c4df80a026f54cf8aa7a737320029e83","sha512":"f3dc47274b1450e9b98131c77fb7fed3ae6a9a0b0f98fb737545f93aa9707533428b7079a9e3e7de9d1e2c575c54154114a2d8e74cd0cb084c550ce0b840d5e2","ssdeep":"","tlshash":"70d022cc2808fd2fae310948388fba662ab914ec42c56580424e9c6182c4ae5d38e202","first_seen":"2026-03-30T00:17:55.389156Z","last_seen":"2026-03-30T00:19:06.70861Z","times_seen":2,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-DnlcLyxn.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-DnlcLyxn.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-BW_ti3FS.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"26774-7Qf3Ofvizmoq97Objw6U9xD0qS0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":157556,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"11f328f79eabc9a081454a4b6686ade3","sha1":"ed07f739fbe2ce6a2af7b39b8f0e94f710f4a92d","sha256":"3c4be5a5ce6a35ef80d0c50e62d17f7b3f8b9fd6bcad633e674d59c7171a4d8b","sha512":"edae2ca5ae3917f42f6560d574795d1a571f5eb2bb3f28e36ac5ff5fc7463295cc032749e623954d42057d936474b91a2539873922e8760294e12adae834cf6a","ssdeep":"3072:mBwaIFmmU4Hxsu9jbgkqJFHSWotoOwhWBx9/F1FV:owhFHU4HNwFH7MoOWexZFHV","tlshash":"74f34ce063b4e17db603836e97e605e0e21cb444f729c0f4b6ed87f540c3599deaa629","first_seen":"2026-03-28T16:05:39.489438Z","last_seen":"2026-03-30T02:15:03.212531Z","times_seen":8,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/X50Wheel.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/X50Wheel.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:10:25 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=MrqqUfD3lycl7rIbxiwZo_KcNPHFQMmvtGitND3zNZA-1774829887.3741174-1.0.1.1-76JQPGooar2eLgQqWgktbcicDv5YF7kOExIo_J6Iqi4ahWPZxtSZ_jsp2m5MPAkJLAIy_Nct9COfflH7IAHGitm.Ju1yEo.GLhstZajjCxkzX8g6yEkGga3HQcFWvnrw; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w0NZ1Czhby48RUoSKSo9%2FpSIuHUPVXSx2bsrLtChO2RnvoHsUTZGH0Q2TFKfW3NFo5Rghex1yutRaIcsAme5vxFZ6JCrK5ovbZrbxUFUYj6mY3o%2FjDQZT442Cgtcw8Cs95p0N4GPjbs%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"686270a1-65a\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b56b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1626,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6a4e68d64ae400253c8553f277334db0","sha1":"9f4421a8ee6dbd94b15c62098a2808e7a9df443a","sha256":"c7d0844a8e2c9ee547a4b9c4927823c95fca71407aab9cfa85bc1175c01fc1e8","sha512":"3472f7072defa5f4f70e595969443c4310d2f86be210449dbebb88defac139a9bd68503f7cefce592b93b10f0910846e815b72ea960c2809326f390e1c0566cc","ssdeep":"","tlshash":"ba3122f5fff1ceb64c9413bf3a148ea82595c02d8e618b58c83a4d98215383c9f502aa","first_seen":"2025-07-09T12:38:57.780257Z","last_seen":"2026-05-19T18:11:41.346853Z","times_seen":162,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/DataspotTracking-C_baP2Ds.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/DataspotTracking-C_baP2Ds.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1fe6-OUlbe7X1+bfv8XMEyCr073G7Xjk\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":8166,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8165)","md5":"75a1c183e0f0a28fd5c2cb66023a8eb2","sha1":"39495b7bb5f5f9b7eff17304c82af4ef71bb5e39","sha256":"b41c2e5c60e2c45827134e035c32cdc98b14af5a4d50251dc7e16d0cc811b739","sha512":"81cec4eeb68b02640a94e2d002400ed517caf7f83efbf755f6aaaad0b539a2f683aed0c1285a490307991192b1db274b7382f4cec1c8923291244e2c6eccc358","ssdeep":"192:0DwuqOQcaXEibcCOi1Kb0cHHnBxCHynNvuvXvqvxuhqVeDt8V7uS:ARqOQcaXEinAxCHyn5Q/0gh8k8xuS","tlshash":"8cf10655641e68bc7033c6ad0d5721a244387051e2329de076aacf6a9e3d9c28ff77cb","first_seen":"2026-03-28T16:05:39.491245Z","last_seen":"2026-03-30T02:15:03.149918Z","times_seen":8,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/useJackpot-D3CfHg5h.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/useJackpot-D3CfHg5h.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"58b-gm2d5dtCf7M9ADywfOBkAG13BFU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1419,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (1418)","md5":"2f35f1b682fcc0133730fc13d994d982","sha1":"826d9de5db427fb33d003cb07ce064006d770455","sha256":"cbf704512cfd9422e0d3971b7462ec032c8ea726f7210201147934c832ea8f69","sha512":"d25cceab0749d0952121e522d15436ec05e6947888ebe01f5f8d71ef1195156fd17a625b0691d246911efa23f05f0514e115e6cc7f9c21ea2d527d80c77f7d7b","ssdeep":"","tlshash":"9721e045c059e5f8f5cd8cb10167972a2b3c3f797440a0a0e0ba5ebd57ace45b6a0b93","first_seen":"2026-03-28T16:05:39.405107Z","last_seen":"2026-03-30T02:15:03.166974Z","times_seen":8,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoGame-ttw0yr5X.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoGame-ttw0yr5X.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"16ee-K3ImLahwIdbHOrAoYXizPXrTm4I\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5870,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5595)","md5":"89bd8d536c7bd7bb8a6e3bc68e410f81","sha1":"2b72262da87021d6c73ab0286178b33d7ad39b82","sha256":"1fc3bdb84baa35b6847cdbda7954fc6b75a10840a339c14d9e50c655d105e422","sha512":"5bb883e7ddcf0609312bb04df9ce21fdc40850324eb07d3fb041e351ec9c7bbe3b9f4635109f84f387f627f2e5ea68604694aefea2f65662ca62886fc4a277fb","ssdeep":"96:j/1bqI2i+M36ZhR+hoEYxF+OZZ9LWQiN8M+xn5Z9gvWwBVlLVdNRK:zNqIF340T9eKQiN8FxnBcLVdNRK","tlshash":"fac1a549e024ebbdb83a48d9986f102574192fe1de198075f47da839313c11db227bde","first_seen":"2026-03-28T16:05:39.587003Z","last_seen":"2026-03-30T02:15:03.187727Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/JackpotPoolsWidgetContainer-B5MGOsjJ.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"101a-bXqCGmLQFoBE+nRnG08dIJ6HHfI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4122,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4121)","md5":"e89155f8d22a4bd0cc9caf5be0c603c7","sha1":"6d7a821a62d0168044fa74671b4f1d209e871df2","sha256":"5463e0f0b2083232839cb9323193c1e3181e0ee595ae503b95cbba6852e5c8bd","sha512":"26e46c18b5a47a38a120c5b328703db33f2cdf0fce63a08eb9b4a6c232378de220dbd376cd4361a136cb453f23db36c4aceabefb44d4d4cf69f75449f253c6f7","ssdeep":"96:yq51X/vpTBeLzTGNlTh6YaZmD/+oRtPeYFaORtTzk:95FCMN654moRdrPzk","tlshash":"13819517e01ab3fce89c14a3502f911e367e0bfcd65604e8d0ad04240bbd859f25abda","first_seen":"2026-03-28T16:05:39.608329Z","last_seen":"2026-03-30T02:15:03.198062Z","times_seen":8,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/SystemBetCalculatorContainer-BXahpv9w.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/SystemBetCalculatorContainer-BXahpv9w.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"378-mGZSot3UMrmMUzkxsiWnifxO6+0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":888,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (544)","md5":"929928ab8a7615f346915b4f66c5040b","sha1":"986652a2ddd432b98c533931b225a789fc4eebed","sha256":"5873d309db53f9e5c74a0dd19ee024520a969055ae6cc6b31f8d114b26069f64","sha512":"7b08a6721acd51c7d73e5867534a5f740e838ba1e62701f26f8feaa34ada76d5582f2379b9f0c82c2f373c7177cd824e4598d900eadb9af69be501caf1b4d21d","ssdeep":"","tlshash":"ee11ef275754ce74888e0ba2094664650cf507185a09f628f6b44c38e018483c3ebffb","first_seen":"2026-03-28T16:05:39.45624Z","last_seen":"2026-03-30T02:15:03.166439Z","times_seen":8,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_fec0ce3fb838228909c143d4c2cd0907.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_fec0ce3fb838228909c143d4c2cd0907.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49090\r\nserver: cloudflare\r\nlast-modified: Sat, 23 Nov 2024 09:10:12 GMT\r\npriority: u=4,i=?0\r\netag: \"67419bf4-bfc2\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=bj6ao_srO9o_A6r4ECPXQ2XXrFzS0da9N4n435d0_Go-1774829888.469899-1.0.1.1-Br5OdtneUGU7YzG7ghBD0OcrXtT.sqdUW3vzjFGkZCFeuFEpgbl1jXMIGHt2hB9IhqEKIccO1PUzTU4PWijipVcrbVH6Y6g42ebmuOeELKP4kTfXCGfkMBUIZZWPQnf_; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F%2FKqKTQ%2BGjS5rdmTVBcqGZykI3oZ0OSLcN0%2BrI0qds4GtvDERDxEb9ncZ%2BTKuguEoBiPoWXVdX1GiEBi081A4N1a4P%2FmQ%2F0lsIkUD7nlKKUlaVCckj%2Bwy9O5gxi6NE%2FT1dy9SpPqN4Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef72e8945687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":49090,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"554a6a60b6ffca448ba10b49245ef022","sha1":"ba0918260a1d0c6637a1aacbceb9e00ae51426f4","sha256":"072b206ca7103452a85057bb9b4e7cef928ab648bca6458ac244f8ef86be5d9b","sha512":"79847851f93587d1aea114fc35dbd63b6b3882e932bb5469240f4fc2f28a01a866e883ad3440cd0ea3c641210821304a34031889973a3c0d3d75df70982baef7","ssdeep":"768:F093GeFzB7B+3nq/0hWz3f2O8euie3REnwUuaXPdTBvETOP2x1RkILzP+81dzNI1:F0NjFzeachqJleBEwUTETOux1KQ28dZ2","tlshash":"e9230233c0f23a3c236f235e6f4f4be42998a54ec7a79158a8428737631f0944f995da","first_seen":"2026-02-24T14:23:51.345694Z","last_seen":"2026-06-06T23:43:56.099179Z","times_seen":37,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/dacb4368b387653fbc8eb373984206f6_casinoGameIcon3.svg","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/dacb4368b387653fbc8eb373984206f6_casinoGameIcon3.svg HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Mon, 14 Jul 2025 11:44:02 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=eLAOCaPBi8niigekBNg1i7bfWm99G5bAUYl8VheeLCk-1774829888.5049362-1.0.1.1-CX1ezW18TRpQQk0sRji987Ot95V8RwQ8F_2K8RiXmCLnhxTJ6oYWhibwzhcRbkK2T2TiZLfsDZDi6nj5oWMFEpjO.W38TGTWzodmOhjUri189oDyl5qZO7AMoUw0wcum; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KX2ytIfz6GSyhJeOb4jypiOxj5lJ%2Bd1%2BBJshr7um3DVLVRpA1Oil37xXvjYmHBI5W%2BgZ7AJ1Gd6au0z1uoJ%2FaoN%2F%2F64kLKOwLr%2BMcM1IpUa4LgKZnZwi7KpOqIUBhqZs%2BWoIiprwLxM%3D\"}]}\r\netag: W/\"6874ed82-39db1\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef7328b65687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":236977,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d36be2eaf9e04912fdb8808c5fb5ecf5","sha1":"92e5d39b817f8ca6fc19cb510b09abb67bb1cc3d","sha256":"65729a6d7b4489ef8f4a11df39cc309c6a19cb7aea054d125e719847336d6351","sha512":"d2ea1453db444d456101f6b64da01d1599a174694e152a11d62023eed22d51029b1316890e5f6a47a04477b70b615f778f712cb7f49216ddefe86a6beaa33cf5","ssdeep":"6144:ENJ+Upg7tzKcdWp+3nAPOpoKoD81z+kkqXjQ88EwU:sdO7teWW8lRHXj3","tlshash":"fe3412f5afdbd5caa2446a0ec3d72d1c4c4f699f6350907eb31076876b30a93503292e","first_seen":"2025-08-01T02:56:52.063415Z","last_seen":"2026-05-31T21:24:04.022542Z","times_seen":93,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":148,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/6713/contents?use_webp=1\u0026platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 709\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef739bd3f546-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=05byAWajQ18j5e33cwex4txp1PFeFqlxnxQyaqeph_w-1774829888-1.0.1.1-v.5Qm3q1yObM3OVJgrBS1YLsPvxtYwWYus4T3nli4V0tkn.Ps7M2C0d.PJ5W0n0ZGMk9UuunfJv7Qi9RweuawlI.g7w.eL_Oqw8RBHYPCmw; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2615,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"57bcadb4fc8dd230f6f3adc9cfa648b7","sha1":"321770a05730c5f865b429f3fcc694ffc9fa5ec5","sha256":"1772e571c74fcc1ca93188d5e69f84c965c726a181a7b3d561755c315ef595b4","sha512":"cb9b859208257963cc58c460d277aae9b69d53bb7bfccc6a50c8d87c4bcc9500776b35e7f5268869b4ade92c59c96b39bb491046cd4ea1fab24db640d2e02027","ssdeep":"","tlshash":"f1518b13702d9d6a5b507b40b8c7394ac8ee2447dc0a5670ec494f8d82fa63ac6d33e7","first_seen":"2026-02-24T14:18:16.975259Z","last_seen":"2026-04-23T13:40:26.06858Z","times_seen":42,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/partners/751/components/6714/contents?use_webp=1\u0026platform=0\u0026country=TR","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/partners/751/components/6714/contents?use_webp=1\u0026platform=0\u0026country=TR HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 582\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef73ae3ff5e3-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=SARGuWM82hRaOelnDmcWRuNzR8jX.cw3vA0El8Q2ImU-1774829888-1.0.1.1-yikcVkaxXGyb.vOaK6LcjSXwl3WrkUTsxHGMqPZL.SGQMtWlLqiLkiRI.FbMjjpsWINPryvXDYPoGlGZREd7h8hgRWg2.1cyFa4dRl4Htvo; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2222,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ce3902f4bd7f8f07ef19311509e56859","sha1":"4f8dac69410d4feb2f28963976a11de31833bd47","sha256":"e95f8590f1b24eb82a9bcd46e69bae80f375da5a9d273d5111fb19ec40fce0ff","sha512":"ec76ed398930c6fdeee5bf27adfa17c668ef4d344e8ceb01367f6f2251bc83502c04f7cc4d2cac53b3ffe176e1c0b850a266fc233aff454e7c5ec42b1480d1a7","ssdeep":"","tlshash":"c7415933b02c98a65b443b40b4c7394a94dd54c7dc0b8570dc899f8d86eb6298ad32d7","first_seen":"2026-02-24T14:23:51.361484Z","last_seen":"2026-05-14T23:49:57.392496Z","times_seen":49,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/js/fasttrack-crm-chunk-vendors.js?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/js/fasttrack-crm-chunk-vendors.js?v=caaa61a HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 11 Feb 2026 13:55:46 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: BjgPl3QA5IK1JuZYhXx185roQriMTjA2\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ScTXZdTFuYJ8WncE%2BXiHYq8cj%2Fy8eHuKVa4p%2BAINiN%2F4e8ZvDu%2BNWttIQ0jbEqsPYai%2FfaLItvOmLVcVQcErScEy2nojBwHl2%2FPUQO0Yf62T3jZLbf8VVlfjycONvJffvsF2yaRymEoc8kMMxTp5rtU%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b0a74a1c8b6a1560cd851a637b999ff4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: he79N-hUzgMxtfjb9iCj_QQrapEHz1219rakOC3K98bjxnRk99VZoQ==\r\nage: 82\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"a2363889186e23777b4b704661794f3d\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef76cc15b505-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1831195,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (36723)","md5":"e8b7fb0d95dbaa98cd2853df6f5a60bb","sha1":"941333f507be5bd72df00aef32af41f3c4960f18","sha256":"b41a47a8b34560417980567f5a31e8dd9f0a4d721747fd2a386201494e967ef0","sha512":"2398450ec1ae216efcf3e48ca65f2e883840d763e360d1261aa95c6299117dca87e90ea14f607062f950f2959e3c6ce4b98407dec204003351783438431b7fff","ssdeep":"12288:xF7gB5EvtEvEEvtEvud6Bg1qgn+wGycL18/aIpWzP+/kQH26difsGiP8xqIpCFaS:xGBzd6BgJn+wYzjfsGiP8AI3I5Z7yw","tlshash":"7a357388295ef3500957e0ebe03b2d08e12ec635f84ba4419f7197b35ab6357e3ade11","first_seen":"2025-10-21T05:37:22.174465Z","last_seen":"2026-04-07T10:05:04.590541Z","times_seen":23,"resource_available":false,"data":null}},"time_used":691,"timings":{"blocked":311,"dns":19,"connect":23,"send":0,"wait":62,"receive":0,"ssl":265},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dataspot-bucket.gallabet1066.com/configs/d212f7f1f16e55d50593214ba05a0f99.js","fqdn":"dataspot-bucket.gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.828Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /configs/d212f7f1f16e55d50593214ba05a0f99.js HTTP/1.1\r\nHost: dataspot-bucket.gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":334,"timings":{"blocked":334,"dns":0,"connect":21,"send":0,"wait":0,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"dataspot-bucket.gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"dataspot-bucket.gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_255218c8ce749fe8c9dfbc0b8e8ed1ce.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_255218c8ce749fe8c9dfbc0b8e8ed1ce.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18246\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:46:00 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbef08-4746\"\r\nexpires: Mon, 06 Apr 2026 00:16:47 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 81\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=_W.hkdC2qa7ZjbAPQJU9Fv5FrNcfBUMu4GNS_UiKYU8-1774829889.0879154-1.0.1.1-HAiTNReLrRDc22wwk2TKRAJ7jo5kFY8TsBh5HDluQCLyQcHCLSfjq7OLDY76gcYwzZR8HXn9rh1KhTY4IVMBPeJh0DsVYB_nsZxMTLLX3uWfUExe2.N7o.WgCt5I71Ul; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EIiWGJgeigi5nmBenv4AWX1RpmkQ8QOadqIJqXPD9ZUXNNDcshLLLJ0YMS%2B93Ie%2BG7il59FjBN%2BFf9A5pkRKfh0bP5zvRTohtFTNrUte%2By%2BYTnR3%2FEoXeTevpFGB8YlXkZ8AtHl1mJ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca465687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18246,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"64a87f03ae635843aa9ddf8b795ef059","sha1":"820acaed7c185030663567efd9b9b0d820c10b2e","sha256":"eb987fab4dbb8a68ec1dac3374ab8d34c1d24e192526bfa17f415a67957094e3","sha512":"881a3d458f5189ed68310367aa0b7c4e4e51df4bb58d942b9f7c3e06a66010f735b9b0161f80028adb1c92cfc2e3df3b4760e69b0df6d84850877c60c7307373","ssdeep":"384:MTMTJfN/dyUK351WMwsPAv4eN/lz2T6zfdhXeVZA4BWDYWTsVfAEsTTQ:9Tj/NTFAeN/RG6zlIVZAkWDYWwVzgU","tlshash":"c682d037039a424351b7142fccaa7d52a4d0097b8a2be67a0d5903a54a3f7398bdf67c","first_seen":"2025-12-24T22:39:16.361229Z","last_seen":"2026-06-06T23:43:56.114134Z","times_seen":55,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":104,"dns":0,"connect":0,"send":0,"wait":29,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/logo.png?v=1773142319","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /logo.png?v=1773142319 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 7738\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"1e3a-oAktx4C5wV8jQh3t9nBGIljkv+o\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":7738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 120, 8-bit/color RGBA, non-interlaced","md5":"60c432b2e1f44042e6831b308a2fcd28","sha1":"a0092dc780b9c15f23421dedf670462258e4bfea","sha256":"45f7ccf0315aa2e44a658598ba76a0993ffdb4ea7dbfbb569ddba207929a7461","sha512":"f4a8c1c80e4cb91a70a4801ca5e7efcc5e4cc742f4939f805cb65969d34a896b1bf2f82c5f2bc2869b8e6be0439157f84b1365dfc3c76584ff2cd983e97d5eba","ssdeep":"192:yLexi5CqFsyyyjU7Bmu3n/0Hw+mvTZHOpoNI2kAZKqn:yyUVmoCVFvTBhIGZKqn","tlshash":"69f19fa70753e811ad00922f841e0285bfc412e5f36bafce13b3df19862515475a96e1","first_seen":"2026-03-21T17:26:39.532964Z","last_seen":"2026-06-03T04:20:31.943261Z","times_seen":48,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/Popular.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/Popular.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:12:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=.DLtYp79E4cGZW6e1V34lvBqJiR9bchbYln3X.tHqyg-1774829887.3744168-1.0.1.1-ya37rgqL4gP7fYCoZvKkoNB3Xc7CQxxKULsURa0weibdRj4tlZF3SCjZkAZbOjUnO5ORFZsLhzKoyOyX3hDrDULR6HnSNa9N3FrwMvTxKCpLZPIcuKYTrdYL7obpal2.; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2Lqc1%2FAbSuog60p3xHgZVYp4zGJ4JSLzuASvX0JknETljVaINVwLO1QTFeFkLiHKr9D912GSPnye4nSZQunVhgIkpOqfYADS%2BtiPSNFTXg5D4U%2BM8MncvJVizlwen59%2BeT85g6Vnab4%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"6862713b-6b3\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b57b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1715,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c5f467071e8144988f2ffda2539a7fc1","sha1":"8a2e6953f7f16e38d2c4fa1273ddc217cd623d5f","sha256":"c8979e47d3d8b0c74956b41914c9b7628b362e6013d9f040fce1ea2219e64857","sha512":"1e58d1f9a594b6d9b0e3968c137216904a37abef225ebf00b88d6764df8c8ff0226f5f6307a23e48944071bdc36ed786297968db893be66cf7ddca778015e6c3","ssdeep":"","tlshash":"463110e8da56ebf43c54a30ef7386cf13157085b78d38224052f1e8a23dd519afa8862","first_seen":"2025-10-26T18:38:27.855792Z","last_seen":"2026-05-14T23:49:57.482171Z","times_seen":63,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_e2992c962b629258e32496488e343bb8.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_e2992c962b629258e32496488e343bb8.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18922\r\nserver: cloudflare\r\nlast-modified: Sat, 31 May 2025 11:53:11 GMT\r\npriority: u=4,i=?0\r\netag: \"683aeda7-49ea\"\r\nexpires: Mon, 06 Apr 2026 00:16:47 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 81\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=i5Wt0HzAV24YYx4EK5NDkKyyXqnBIvUxQ8h34PaUd8Y-1774829889.0883427-1.0.1.1-CXWOO6CyBQnVM8paIxiCDR.g55BRQX56xRVp0hvnrS.GfwSulPjTgMWNX.XsZosIoQeqThNwb0OKau1SCx9rbyNhV.AXRTB.9I0hTPM33fiQx4Pow47kS_U7dJGo5b5o; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4UyZ3zLp3Oj4sjg8pLASaO8Oo5Sc9R9GgnjnANQYylGJRuGrgLJLMC1giwtih3yvor52kD5z43jdFMybet9fEgLWBYxteLvW2sx%2BMJPDVRyACojCmfgzwNam1Vwfwf9eT4qOIMS2y%2FY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca475687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18922,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"903c69c562a0cbbf1c19ffb312754ab9","sha1":"6b4ec5970d79a6e68c3452ed6216390060838a25","sha256":"0e4d56e0eeeba1be555347bc03ed2125cb792ae75f2ce14668b360230c341f18","sha512":"5b6ebcac994b2e1c2544a910a711bfc046d701704b371d62732b1754bafa403e5486b91eaafdae875d752b7e3122fc33e7f22a463e581b4090d2779f80ce34b8","ssdeep":"384:8Iy4zvEFK9vUhGAB466Z1W042wifdTAyYQiai1i23xB:fzvEw98Q44R1WmwifdETQiXDBB","tlshash":"2782d0a6787d1671ef46e14583b883de87210a0d9b91878d1f18a420dd3d72ecab51be","first_seen":"2025-12-24T22:39:16.347068Z","last_seen":"2026-06-06T23:43:56.135269Z","times_seen":54,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":103,"dns":0,"connect":0,"send":0,"wait":54,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e63p1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:15 GMT","end":"Mon, 01 Jun 2026 08:36:14 GMT"},"fingerprint":{"sha1":"58:CB:88:A1:C4:55:4E:E5:46:DC:A0:9C:B3:54:25:79:20:1E:E8:09","sha256":"0B:B5:96:A2:57:57:EC:BA:63:14:8A:AF:4C:C2:32:63:18:8B:75:80:8F:78:1D:1F:5B:00:B7:B3:7E:C9:B7:18"}}},"request":{"raw":"GET /gtag/destination?id=G-2CT6DSEQTF\u0026cx=c\u0026gtm=4e63p1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 30 Mar 2026 00:18:11 GMT\r\nexpires: Mon, 30 Mar 2026 00:18:11 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgsrsghrgc:72:0\r\nreport-to: {\"group\":\"ascgsrsghrgc:72:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 154380\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":464727,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"3ee5c4888e06770b25ca0aceae0c1060","sha1":"85fd0aaaab5bd312bb029f58f75f2f2434d0d419","sha256":"0621b935ed503f3ba72241d05e8470bcb1ad3df542dcb27c3eafe50a9c7c0fd8","sha512":"637a0df2c1df964966673aee8e3a648265d94d2d3bf04c9b5ccb7fa803b76462420abdd42ce3d42878effc7704d475dbc0691dbfe4403cae987742837c74ea43","ssdeep":"6144:drORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:DCEfJlbIY8CmOp0","tlshash":"f0a40aceb3d674625296e478903f01cba57b29e2b44cc8a5f189cce02e7465a4277f7c","first_seen":"2026-03-30T00:17:55.401543Z","last_seen":"2026-03-30T00:19:06.824022Z","times_seen":2,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3","date":"2026-03-30T00:18:15.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:46 GMT","end":"Mon, 01 Jun 2026 08:37:45 GMT"},"fingerprint":{"sha1":"CE:A8:F5:0E:2D:25:9E:74:0C:47:4D:6C:AD:DF:7B:FC:CE:E6:41:7D","sha256":"E1:06:81:F7:22:E3:29:2F:2A:B9:4C:3F:37:46:25:24:5B:C8:B5:7F:9C:3E:54:A2:D2:DD:E0:54:C0:09:12:C1"}}},"request":{"raw":"GET /recaptcha/releases/79clEdOi5xQbrrpL2L8kGmK3/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.recaptcha.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 370674\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Mar 2026 00:32:39 GMT\r\nexpires: Thu, 25 Mar 2027 00:32:39 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 23 Mar 2026 04:01:54 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 431136\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":870412,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (703)","md5":"b55b90c630ad899c694dc42582979708","sha1":"f08949879387eb8dd6553c8b0c548c701b5f0db9","sha256":"eb297967f5005eb95dfb369ff9f780a436a67144be372260b6f86f6fe37b917f","sha512":"eb9945688c1c7a4847df769bd9072f9f3be532c697c1b11185b48345162ab6a22c7ac2b8a251c9835e81ad8a8b155d67f0885a1986908cd69b3f9370f5a030d3","ssdeep":"12288:Epo+RhFDORIh355fBjbFOsAi6dhTOLtl5dlV3EZm9eyVbI:UhFDsIZ55fBjbFwZItXB3EZAhbI","tlshash":"ea053bd879127be16372b4f510673009736da826d88c086df6a5d8f02eb194d70f6ebb","first_seen":"2026-03-26T03:15:38.916554Z","last_seen":"2026-06-05T22:00:02.856876Z","times_seen":11772,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_1eaaa91d4b1121424b89f7be8932dcbc.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:24.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_1eaaa91d4b1121424b89f7be8932dcbc.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 127328\r\nserver: cloudflare\r\nlast-modified: Sun, 08 Mar 2026 12:51:53 GMT\r\npriority: u=4,i=?0\r\netag: \"69ad70e9-1f160\"\r\nexpires: Mon, 06 Apr 2026 00:17:02 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=5UAtPHuKiwmp_DzYaWBlRif1ZdIEPsIUhLotiuOgItI-1774829904.3520103-1.0.1.1-LSs5mN0jcX4z7hHN6WdoVy60TLOHTipWWo3sneZRvVeaE.ahask7Yci96vT9MFNyArJ54N058Kph7P58qEec1xsqkChvns5ByCD35ZlNM0Vk1VZeBZRM28Nm5k4L2pX5; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:24 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BAXFQ7kNNfJ9Ut8PiRZDZMwSpj2uytjeKpie6Mcct7ZLXwq0Tw%2BRpfzY7U4w2wh11uYqwH9CNAq3lL79EKMDzN21KxIRulQlJH3yZbPEp8uCsCKIyMbYgmOiK6ztb2f5IOZ0QTIzk44%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42efd63ebe5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":127328,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x662, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0589c7bde85146d0b79920d7a0e7d435","sha1":"550b6622aff4566e9dd71c8839356fb264cf1c97","sha256":"1a1e29bb5b793cdfadb00d5df9bd8921f0083673845ddf8a37f063e469d2fae5","sha512":"4207e4392e8ff19fdbb77e596c2b150868cfb6773d9cf10992467d53c1d826432119ccbc32a7188508bc276294100dd081b8aa28e02271b66d6523c09fdabf37","ssdeep":"3072:Qe4b/vkQfIh2FWyn037Na8/FqVOtxbNEPk1rPlWHJf:QFbtQhQWZLNFHLNEPk9gHJf","tlshash":"05c312413c420fd3fbf206447369aaee83b98d2ca6357149f61e0d47e59d15cbabb182","first_seen":"2026-03-11T15:08:03.03074Z","last_seen":"2026-03-30T00:19:06.824584Z","times_seen":4,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/branding-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/branding-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: W/\"fe979c92a5ad992510e5629b84a23526\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 401522\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef69c8168be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19329,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19281)","md5":"fe979c92a5ad992510e5629b84a23526","sha1":"4fee6cd9de53fa82feef4042aa83202f4cd194a5","sha256":"de84306c96c98314e1a796f26df99a70f20590c535a678215d89560007b4dacf","sha512":"633913cef35247da29e85dde7c279353761606e6c508690d4d5924aa89f563354e44c51b053f785800fd3b599feb8fd2d69a2fe55162b4ccab95c84f8ed8739d","ssdeep":"192:XeI2u2acuBLZNgxYe4fbfYLFFDw25lYVRgtUramxi71NZcFRKV7:uTTacuVZNgxYe4fbgL3w23U3xi7vD1","tlshash":"af92dca3b9e310dcd557c632c0d1f67ca82f9a24c357c6e3a9037bb986827d7264198c","first_seen":"2025-05-21T12:18:34.239407Z","last_seen":"2026-06-08T19:38:41.250072Z","times_seen":34681,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/Promotion2.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/Promotion2.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:14:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=wc01fDkVXgw86hVesuNdIcjqWqd8_wpS1FLDHU_Q9sI-1774829887.3736532-1.0.1.1-AGvq1b_3rPW.nuet7_YRq_oM.wbcMEKlTqQaWUaMNutzdu5R37PuBUUocq4_YSLIfVaSNautB4JlH_MHMpA8w_uJVNd.wTGLXX4oQc5fx9LqQsKA_dvrK2RMnmxvtJox; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tkOhCMtL46mjXSVfnYJo0IaCg%2FgdXa3Ria1JI8kSup5oFtmDpkiL%2FmJm1E%2B3ztl6ty563dFhePZ7vbkNvqF1mPE0vjHG3bwEFPwMh3DYw04JNxJNMWr%2BxMuK%2BYOmId2dwwzqVAtGEqU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627184-382\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b55b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":898,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"31cbecb2c7e793078b4a8e43100c2e33","sha1":"e073b0e09fcd4244f6c86b8f22206a46c4af9f3c","sha256":"a7ec0feda0f0f44aecb09628876438cf31a3d33de7393d25fc1b39d6251bf104","sha512":"6762313ddd6985ca71ea5e90b3a05664d0d1a3cebfafa6da07ebff76f62a3c9634d17ac226a4fabdc606ddc5c7c7adbb4628f3e0c8a30d5e5f96e574266d2242","ssdeep":"","tlshash":"7a11cce88739e7b438cd1f4f9a3d4dcf3614261a683de034e73eb9c4a61391c652119a","first_seen":"2025-07-08T23:44:04.701479Z","last_seen":"2026-06-04T03:51:32.489182Z","times_seen":177,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":53,"dns":0,"connect":1,"send":0,"wait":82,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/CasinoPromotedGamesWidget.C4EXhwOE.css","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/CasinoPromotedGamesWidget.C4EXhwOE.css HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"afd-CkeK2gVfA+RXSJTY/WuG7TDVMk0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2813,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2812)","md5":"09fc6c8eb905c21c7a4d044090184cd9","sha1":"0a478ada055f03e4574894d8fd6b86ed30d5324d","sha256":"d1f596a53ce4b0c43d20611ff931c0858b5d6c4c987b2b546269e639543dc878","sha512":"6811084eefb8629224c5ae7d6806c7f2b220d131a02f0c1a0c44067d684da4c1676d4aaccf513bcca338af6608ba085696056a3b70ebd6274ca6992035c3772d","ssdeep":"","tlshash":"6451250f445b273af1134e60a2bd5ed66acb491bca3b4b7cacd86157c3096c2607397a","first_seen":"2025-12-25T01:12:57.08487Z","last_seen":"2026-05-26T00:51:05.438146Z","times_seen":291,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/AiPromotedGamesWidget-Cb_R6mvW.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/AiPromotedGamesWidget-Cb_R6mvW.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"803-AVKH1EaY7vjmwZc8RzY1ziJbRJI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2051,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2050)","md5":"35044149492f3c3abdc71d6907e863c7","sha1":"015287d44698eef8e6c1973c473635ce225b4492","sha256":"4e8f0db79c7336cafddaefda0cd64290e9aa4fb7b7ac2c430ecbd857b8d01965","sha512":"f37f242eadbb8f64af1f8123243a99234d4155fdc20530f945700bb310fd993f702c80dc739d1c5f0b6d7739c0a16df5599fe2cab89a65bd4b69f77551e2b4b5","ssdeep":"","tlshash":"9b41632b700dca7cf3ac06a49294f34165113b7dd755a0e8baee1901732809d63bdf80","first_seen":"2026-03-28T16:05:39.538557Z","last_seen":"2026-03-30T02:15:03.205962Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/PromotedProductsWidget-ZLuvwdOu.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/PromotedProductsWidget-ZLuvwdOu.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index-B4qfN096.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"84d-DcD6VTTcMtgal7JsGgQPgQ/JV0g\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2125,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text, with very long lines (2124)","md5":"2f3434ede25de2187b46f0f1315f2451","sha1":"0dc0fa5534dc32d81a97b26c1a040f810fc95748","sha256":"e4d84411e81c6fe569f5649ce9a0c60e62f314f382054a2680c206eea2a616fe","sha512":"35d16f7c6f9a36eae2a7eec4dbe7bec5f38865df0e16d184e480cf91e6555f5a2758b349471389bc769eaf68a8504fddb838fd7f370926dcacf5b5dafdf581d4","ssdeep":"","tlshash":"164164c2d834b3b9f63e1cec224510893c267d18c96549a560b77d26a13d812bb57ffc","first_seen":"2026-03-28T16:05:39.582941Z","last_seen":"2026-03-30T02:15:03.208861Z","times_seen":8,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/userJWE-CvawXlgF.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/userJWE-CvawXlgF.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/FastTrackTracking-sSvnyG2s.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"c1-rbQRPC/rvvmzqaqXML1fxZbueQg\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Java source, ASCII text","md5":"7a4eecb04a9e0fc7776ee56f4a05d7cc","sha1":"adb4113c2febbef9b3a9aa9730bd5fc596ee7908","sha256":"cd3736d732f8431de955d36348ab83aa520e212b54b62c7feb1471a9cb00e95d","sha512":"1555ae9fe9e71a92ead50dcdeabacc62d763744cddae2b2260db151c6c16ca8d1f5b1c3133be8c9ca72c784b22f67b4d03c2e42f4ab52e1423a1f797fdcd2a1f","ssdeep":"","tlshash":"3ec0c0db0cc411f7c5582c40100adc1392303d1463d9d341af1883fa7e5100ff20cb20","first_seen":"2026-03-28T16:05:39.46777Z","last_seen":"2026-03-30T02:15:03.141885Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/img.gif?f=sync\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a\u0026ttl=\u0026rurl=https%3A%2F%2Fgallabet1066.com%2Ftr%2F","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:11.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Feb 2026 19:28:29 GMT","end":"Fri, 22 May 2026 20:28:25 GMT"},"fingerprint":{"sha1":"36:C6:D1:CA:01:47:A4:1B:73:8E:62:DB:CB:24:79:4D:06:01:3B:B5","sha256":"11:41:34:A5:A1:10:2F:10:C6:7F:8A:F2:77:75:66:AA:39:99:F9:E7:00:8D:1E:EE:4E:30:42:B7:A3:82:28:31"}}},"request":{"raw":"GET /img.gif?f=sync\u0026partner=139a886e39fc38c92e86d82c241e5af2bdde29b6844bc7ddeb0c099f62648e4a\u0026ttl=\u0026rurl=https%3A%2F%2Fgallabet1066.com%2Ftr%2F HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:11 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08830964e9024907ff42579b331f2990; expires=Tue, 30 Mar 2027 00:18:11 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9e42ef87fd750883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-06-08T19:10:45.094823Z","times_seen":101116,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:05.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"b057293b718ae7060a9acc593ff83f67\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 82\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef61297a3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":324696,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"b057293b718ae7060a9acc593ff83f67","sha1":"991ec4ae783d59b4ae91113a0ecb5e6b21d19d45","sha256":"39d3bf235a12d663f4c2564a4d0311e4c902370219bdf1c4b81d2d1698dae888","sha512":"61865e60d018bd21ca9c737aeb975e8f52b0d0fa74128720cd03fb59f7766362efc8d84b06def39558f302b15d1bb39e44dde7cf0a840d62cdcaec6932df4f52","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJQMoZmVodXsJ5Ar6VKkOPmx/:FGABPVhO5wdKJCMo4VJ5Ar6kOx/","tlshash":"11644bc8f183b0b606e7a1a5009f5207737a151968ed8498f574dee968e8e5c633bf3c","first_seen":"2026-02-19T03:13:10.628072Z","last_seen":"2026-04-21T03:41:36.073067Z","times_seen":12668,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/Casino.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/Casino.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 03 Jul 2025 10:12:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=DUX.tc1fSsEwn_dCh5OCofAFBkulLfciAz9fUm.TTTo-1774829887.390113-1.0.1.1-HcLXG57iRgvd8AXzv.FP.GIID9U7wQyyzYLW61qvbNrYqLWzKa8A5a0iVDocHFBdum4DiaLFVdJZ98mub1o1MktJMJ7Ddy_7FLH5l6hiZaLGt6ZnIoYD8Um37n6kxuq5; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e%2BSzxv01uSSZdIEx6HJWOheCjBlvlPlo5bAdt6xhQxprX4j1XFTt6RgKT7PwlEe2Rcfx35zpe8hBBZZGKrMyjVgeJ8H4xOJCrJ%2FRXm3W2Jx0aDTPpW%2F9jBkCAMoDiVb5bhxVmYS2fN0%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68665777-50e\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c2b6bb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":1294,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3df444684921a4a44f2dbdf6aee0972a","sha1":"f0110696848649c2c94de0765f5b22b4617ffe66","sha256":"d4f76e693c5a014a2184795ea113ff8f42a1f7196243728ee128fe81ed5b30c0","sha512":"bc7fb348d4746e017aa074bae5f3b106d6a3db9c1581876ba7db93537b1a4643a8c2695b424ae4d584d03664bfdafe1b3477134f7bc6f5bc142f8a5aa54fd4cd","ssdeep":"","tlshash":"1921dc3d470289f86e455db5e43a0934c69d817ab1c2479cf23eca2277220d8c7ce468","first_seen":"2025-08-22T01:08:50.698252Z","last_seen":"2026-05-24T21:43:33.820208Z","times_seen":93,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":55,"dns":1,"connect":1,"send":0,"wait":76,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/__proxy-cms-api/api/public/v1/tur/casino/partners/751/platforms/0/games?category=28\u0026limit=12","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /__proxy-cms-api/api/public/v1/tur/casino/partners/751/platforms/0/games?category=28\u0026limit=12 HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/tr/\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 1366\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type,Origin,Accept,Accept-Encoding,Accept-Response\r\ncf-ray: 9e42ef70cb23f5e3-AMS\r\ncontent-encoding: br\r\ncache-control: max-age=600\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=Xa9bEA5StBfyZT39yCZwey14kimnUmJIgcGTKPwy6o0-1774829888-1.0.1.1-ngT.4D0HXhyfcUmrwc1ByF9pKM82V9r7rHiwS_uAGY63m.gOJvXAC_tXIQS2wa.CK0GzXygF182JocL1NM1OrQpoWwQcqwd.KLYJX3SoOWM; path=/; expires=Mon, 30-Mar-26 00:48:08 GMT; domain=.betcoapps.com; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6348,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a79cfa5304401400b6538018d3c4ddba","sha1":"5c600cebefa4840c71561acef68e847e2e1f9ff2","sha256":"8352f3264900cb87516561b31533ea2ad6605e4d3a72e853bbac47bd43b453d2","sha512":"f1105c7c5c1fba7405a9fad304c84149aecdefe9659df29ed512b78879f46d56ae16e8e4e7401bcf73de62d51d3b2bf3f3dd538aa45ee85da5d4824e24247f91","ssdeep":"192:EpS4FvcY4FCOFFCp2X4FCMmMfbnWfORMX44FHFnbn+g1YOYUb4dPLFCsf4FCfL:U1ovloJ2UC5pqo6","tlshash":"5bd1df5a0924faebbb4a0d84b4463c4dd97e13c27bcc7d50cd86994fa0da0e513326eb","first_seen":"2026-03-28T16:05:39.435356Z","last_seen":"2026-03-30T02:15:03.227782Z","times_seen":8,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/GameSuggestedEventsWidget-DCblnLbG.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/GameSuggestedEventsWidget-DCblnLbG.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/DataspotTracking-C_baP2Ds.js\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"e8e-hgA524fFAY8rjWx38239jZ7aIFU\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3726,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3725)","md5":"af99640f3bfb5eb0aae27e266b2a56df","sha1":"860039db87c5018f2b8d6c77f36dfd8d9eda2055","sha256":"1a4514f20b327bca4a1dc3c97de218ae6aec303716e506012da8422b31ead621","sha512":"ef5405cee32413c6d7d8b3e9a7b77f3c438b9a481fb8608e848770a05dbd1004c4a0d8df59566176120f8dbf95508b6c4f0a89814b0d711b3f3f9f94cbed2089","ssdeep":"","tlshash":"2571d74ae014aa39a13741d82baf311914363278b54353c1b63fca7127e11927b5bbdf","first_seen":"2026-03-28T16:05:39.512335Z","last_seen":"2026-03-30T02:15:03.192503Z","times_seen":8,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/content/images/casino/icon3/2b7d2ec7827b69264f4ad2be960537e6_casinoGameIcon3.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /content/images/casino/icon3/2b7d2ec7827b69264f4ad2be960537e6_casinoGameIcon3.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 40948\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Feb 2026 12:56:40 GMT\r\npriority: u=4,i=?0\r\netag: \"69849388-9ff4\"\r\nexpires: Mon, 06 Apr 2026 00:18:08 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=Uj9XrS9cRsQcW59DjP1AnWWP1JID5f.VY2tPOKJRkXg-1774829888.49643-1.0.1.1-2XUm35hTY5uKYrHWZ55r1DdKtYZAB8k_29XKACkA.3G8gNfQ_r2HTQ9JfDNtx4FcsbJxx3LPyFk7Lv_0sJK.Xv541MXN_rrWrUlyjItPv7LTH6a9Iq1ElKutC0hviu3k; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jbYiH0ojgh%2BwTkqOkXczfByWITP1AqEV9c4xi7CoRzPGFPLY60rJCSIOSxH9PfN8VwRWkuM8Rn6x6Y3cuzH4Wmx3JSXF2KZS%2FVOBI%2BeoMK9hZHOPVCgAuhdwFYyhUkoWK51iHbhTMF4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef7318ad5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":40948,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 440x310, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bed031ef92cc7a33f5da5668ae5165a4","sha1":"07839d1677f3749ca6bb6694da1d22e15b01d0ce","sha256":"d190b86db434a9da8dd6fb4476bf71af1633fa825c371943c57954198b02fcca","sha512":"b8fd671613862a4e1b2c275e98bf24b28040cbfd9066702dde3b9e9d81d54a6ce6bc32cafa8477802265afbb729c7aa6329e8454a8ac9a355f269e26e5fa0819","ssdeep":"768:j0pbubXV1W6yszkf6YM5Fi25E41XSPulD9pSWoKPuU599Ww743R1hdcr+:jEcXVWswf6Y0i25T1XuIHSWoKmU599WH","tlshash":"e803f1b1c0a2ab54cfd7a285821f7c5d73b267cbec24535625f8b60480a4535f2f7b29","first_seen":"2026-03-21T23:21:16.961086Z","last_seen":"2026-04-29T13:47:02.903422Z","times_seen":9,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crm-lib.fasttrack-solutions.com/lib/css/fasttrack-crm-app.css?v=caaa61a","fqdn":"crm-lib.fasttrack-solutions.com","domain":"fasttrack-solutions.com","tld":"com"},"ip":{"addr":"104.26.5.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fasttrack-solutions.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 06:34:08 GMT","end":"Tue, 23 Jun 2026 07:34:07 GMT"},"fingerprint":{"sha1":"6A:FF:CB:88:7D:2C:21:DB:DF:9C:CE:23:37:4F:33:97:B2:66:83:F9","sha256":"D6:89:30:57:7F:09:DC:DF:2F:F6:56:BD:C5:FA:DD:99:4A:6D:A6:D6:C0:95:94:F2:71:EA:ED:8B:67:DB:6D:46"}}},"request":{"raw":"GET /lib/css/fasttrack-crm-app.css?v=caaa61a HTTP/1.1\r\nHost: crm-lib.fasttrack-solutions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 11 Feb 2026 13:55:46 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: zbjvR4XmwNBIJlxjEvxcm_sn.IUZfztx\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zfHGbEzuJf3FmUo37Oq%2B%2BuTV4k4AYaLpCP%2FN0uA8%2Bo6Xl7LCH7xwVNvDTOtf6B7dXH7uqbOrNbOF0P2t2U4iu%2FKTDOAyVvN3DusZBO7jQjloC7OpvnWiUz%2Fj1aw0kVzDlv%2BErgjCZSSq%2BzwLDxlH128%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method\r\nx-cache: RefreshHit from cloudfront\r\nvia: 1.1 652549e0dcae9775148cb207792b2a40.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: arbVPuBpLVYzBwOtI1GR4x-NpYnyySbiQzKJ3JKVdTdndnQ4P0Wcqg==\r\nage: 82\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\netag: W/\"7906aada543698dba1005a917ffae2a7\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef76bc11b505-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":27953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27953), with no line terminators","md5":"7906aada543698dba1005a917ffae2a7","sha1":"7f00d6655894909587fe280ebf09bf57f66b4100","sha256":"5e2a69854668603fcd556f0b8a3da306e3de6d5ad4dee7a9e9a57ca998269d76","sha512":"262f19709cde3e7abb7bb6d9724437b042fe626636083b80376e35a91d1ea9b39aec82463626711cb60a8c516a1b909d53aac644f056e77929e736fed6d1706b","ssdeep":"384:cFukqharVUf5rKbHWkAB1MG4TmpcHyH3XHZw/XNPalHfI:ckkqharVUf5rKbHWkAB1MG4Tmpc+J6aO","tlshash":"78c2442302c02288ac2b892b73d50599d93ec836651b6dedd7433955c7cb77e3a6b34e","first_seen":"2025-10-24T22:03:16.572036Z","last_seen":"2026-06-06T23:43:56.076642Z","times_seen":141,"resource_available":false,"data":null}},"time_used":654,"timings":{"blocked":307,"dns":20,"connect":23,"send":0,"wait":35,"receive":0,"ssl":256},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.recaptcha.net/recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f","fqdn":"www.recaptcha.net","domain":"recaptcha.net","tld":"net"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:54 GMT","end":"Mon, 01 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"5C:63:31:39:A7:BF:00:B2:81:36:9A:4F:63:5D:AC:4E:FF:2B:F2:1E","sha256":"56:0A:B3:57:A9:15:3D:4B:A1:0A:00:8E:9C:83:79:4F:39:31:72:70:02:A3:EF:08:4C:94:7D:30:6F:B3:3E:01"}}},"request":{"raw":"GET /recaptcha/api2/anchor?ar=1\u0026k=6LcKXcgUAAAAABnErUWDwYMpRiWUfgDhsWTkyPIJ\u0026co=aHR0cHM6Ly9nYWxsYWJldDEwNjYuY29tOjQ0Mw..\u0026hl=en\u0026v=79clEdOi5xQbrrpL2L8kGmK3\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=d0lzo1o10o6f HTTP/1.1\r\nHost: www.recaptcha.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-security-policy: script-src 'nonce-Ff_WYm-0CeESvoPRUnNTvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95551,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (47145)","md5":"ba8005438ade9327452e17b1a671145b","sha1":"95ea5e50034c9e02f5062f7dee90a0fb28e91611","sha256":"49f0444be16308ee23840dd7b1dd1b9986c3e1e9937dd627be28cf2a48e53de5","sha512":"d197fa4919340809dd34446f73199499afec644d7acedcb01a80b1dbbb90f18d0c676af5f4ebd7dcd33f21404007e97db06e6377dcc78aac7ab1e159f5bbdbef","ssdeep":"1536:y+kpltTrQ1UcwvTI9HmLiUjFZcGFjMA5BWUBiYR35P0EDRJpEoLgvjmfo8qfLqhy:y+kpBJsHKZJZc+kUhp5P0SRz0n8qzqhy","tlshash":"3e93af2146036046dfe78ed123da7fb4e32e9101255301f967fe16976eaae96923c3cc","first_seen":"2026-03-30T00:19:06.830862Z","last_seen":"2026-03-30T00:19:06.830862Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-30T00:18:04.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\netag: W/\"2f57-tAAxiTXrCNCQz6949NJcxejlGqk\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12119,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (371)","md5":"354096259800fd6468fd167d389dab8b","sha1":"8d30079547f3beeaec0bac2f8e77816f351f5dd6","sha256":"7e2ab76a694fddd968541d27844244d6df2d13131f8ab91db88b156d93953ef4","sha512":"32e24de642e665de344abd4eafa541ed13d62a32ad829ef9d1b2bc6f7bfae0d0464c4ed01427fec9430ff1e4d12f05433d066eaf60dca9d3a5a7ff4295368149","ssdeep":"192:ZAwaDGTFx46K0ChiQxBIRws5JLyVZprJepO2ZKqmx0OPSg0g1QECNzieRpB:ZQyTFx470IIRx5UrYZdxY1QxB","tlshash":"7142a44ba5a2b4351313607a6bd7f0083b22a1079944fc947c9e47d81fc539992b7efb","first_seen":"2026-03-30T00:17:55.397278Z","last_seen":"2026-03-30T00:19:06.831698Z","times_seen":2,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":58,"dns":1,"connect":22,"send":0,"wait":24,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/eSportsLogoSportbook.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/eSportsLogoSportbook.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:09:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: __cf_bm=MaTworU04Nx46vuTEWC6lzC0_j.RwmpeS63bZXszKHc-1774829887.3750303-1.0.1.1-7QeHbMr.P09_IJ42K3x.88vdyaZ1AW8bFDyTyTxxsS_Hb_p8L8ZVDhdDfsEFk3pfPdKqXXFl8dOz2E12JGeLaDgKMVhKXl49Jpiides58VB7FP2pg2g_djd2xYAQ_2Rg; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6WNkNuvJDcGaYF0OI3Q0ODZsIdXf20%2F%2BfZjmySh89hX%2ByG6kl4tHa9eLXhOkvElJ1FtQw3NiKDxNrGdkOEEiubErrq3CZpOuFR1xnkqAVAPja1fjJBYL6LZaDfRn2Zx2NZkxWfAcXgM%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\netag: W/\"68627053-43a\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef6c1b59b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1082,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7947853d1ed29dd8dcd4f9f507e49866","sha1":"cb30cb5a0f55083522666ec3424780ddf247b264","sha256":"676e17bd005b7d157e248a40b8b8d0e1009615e5b426510dd0f5d8a158fedf9b","sha512":"0c46971a79be56e827f5df0f1f3bfa7583bf8a9b273075894c07378b3dd0ecf6800426cc7a9d5833626655d9f0958aa57eaf50ec7bcdd726fd78f3176efd9290","ssdeep":"","tlshash":"7c11d82cd3d8847cec39e3bc51356ca4704a48daedf6d275e25b89b05713758065cde1","first_seen":"2025-07-08T19:55:59.718474Z","last_seen":"2026-06-03T05:40:43.846079Z","times_seen":335,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/svg/player-info.json","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:14.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /svg/player-info.json HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:14 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Mon, 30 Jun 2025 11:11:30 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=YOsl2TDSGlC9LzDnYGQYlur2USHbI4YChwZCRb5pelI-1774829894.3127587-1.0.1.1-J6h36OwxbosxcGFlEs_ehhJ1Nkp5k7AGj7ob1ojbcN8uUX.IJAk5rt4M_V1T4PYaQbKl681fqgP3UmBE7_66Lo1kALqMgmlVZvQrczAqwrBQHw2mYeTbl8qC9L2sFSgS; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eOy3nnYez%2FtJGYp8ZHVLTcb%2BS24ulWjlAYpFjg1LkEKQtHIE98UdNRrdYULT65hOFnbR%2BC%2BFyaRgB5MHzZqlWU1h1pBeMwdPlQ92TcpTmyWlXipOmQn4LLGpuC6Sy0exrJtF4GDsOjo%3D\"}]}\r\netag: W/\"686270e2-fc\"\r\ncontent-encoding: br\r\ncf-ray: 9e42ef977d915687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":252,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"00c69a837dbf2437f1615a82b60d316f","sha1":"1b4bd1e192f12ce5981e7d205064a206bb9483fa","sha256":"8e094d84efd592ef377cf45fffc17cf592725e3df6ed2063350c8cfb71815011","sha512":"a066e0d2c2d7be38f57fcdb8f0124105119891282197a1a28fa5f4fff1f9a75398096b323afd25502ca0e603132b3c38e21ff84b18871674f5d4a1dd1f80578f","ssdeep":"","tlshash":"0bd05e29a070382c1eae186c853885f2910509ba06b00b35f54dab8e8b4b2282154c5c","first_seen":"2025-12-04T10:26:29.969581Z","last_seen":"2026-06-08T11:36:24.28411Z","times_seen":199,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/css/message-preview.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/css/message-preview.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\netag: W/\"39f38fff97bceb6dd38d255228384ab9\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 402864\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9e42ef69c8158be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54016,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (53968)","md5":"39f38fff97bceb6dd38d255228384ab9","sha1":"4f9d5ac34f834ec7f160fe555097691b45d47d39","sha256":"d9b57cfbaea5a38c3d279ba0a64a2fa0ccb499f94dfac8dc8845ac1c0f22f829","sha512":"cf1a36ed2530d962ee9a8013cfa3585dad4e85857e225c6a5670c92a574769d771b6a0f1ff2ae31c176ca078e7f747b704746996fe7dcbf826d906754e5545ed","ssdeep":"1536:fGUifm7kUdwddCriQiLc0Lg261F2BBCsEZf:J1V","tlshash":"cc3322b2f56710ccb363c22292d1f6bc202ae770d746ce96f427766c4ad12a63551fac","first_seen":"2026-01-16T00:46:03.995467Z","last_seen":"2026-06-08T19:38:41.230187Z","times_seen":28517,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/BetConstruct-Icons.KekjT-tC.woff2?k29rft","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/BetConstruct-Icons.KekjT-tC.woff2?k29rft HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/assets/index.B9_sFxRT.css\r\nCookie: TawkConnectionTime=0; twk_idm_key=ZQHueEbqZ3R9x6w8tRgBs; _immortal|user-hash=DVs5bYCF51giBh_cOuyxYwrFEb81PBccp4Zw; twk_uuid_69c8f7f605c7ed1c37642349=%7B%22uuid%22%3A%221.2BjK8Ol25LtQkXXig15I0Wvly6XFVDoHBUEfDnvBIUee5tycgidNhqcYRuhV2YF4Cuq1zRMrBzLqU16vj08zQSr1DaFjZYzAGl3qpbhtWD1AznFdYpmJDRfDBVK%22%2C%22version%22%3A3%2C%22domain%22%3A%22gallabet1066.com%22%2C%22ts%22%3A1774829886886%7D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 419568\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"666f0-fdQ8zBVrPhmcJkw0mI4o0HyG8iQ\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":419568,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 419568, version 1.0","md5":"2205f7618d9b5945c33c7fdb4ddf2d69","sha1":"7dd43ccc156b3e199c264c34988e28d07c86f224","sha256":"e59aecf6eaecef81a9ad60b647565a30baf6721b53ad716fcdebc23c7164e74b","sha512":"c2207be24f5b3d6fd1c41d3a5522ad3200249d02ab216849497d3dd6966b6b73629ce6155226df02273a13ff52411228e2a35c4876bf9eb2eab52cd9b8e47871","ssdeep":"12288:vZDZOtSROANJqc0AHJNHFh7Xo6RYBQeivQuS18v:vqtSkKqc0AHTHFh7Y6RHRPv","tlshash":"51942356d25a72e58f4af1beb66ec01524b7d513b9ccc1784c790185c828ca4afef82f","first_seen":"2026-03-28T16:05:39.403038Z","last_seen":"2026-05-26T00:51:05.494076Z","times_seen":21,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_ce21d61aecbdde7a2793374d23ba2279.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_ce21d61aecbdde7a2793374d23ba2279.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39580\r\nserver: cloudflare\r\nlast-modified: Sat, 21 Mar 2026 08:27:49 GMT\r\npriority: u=4,i=?0\r\netag: \"69be5685-9a9c\"\r\nexpires: Mon, 06 Apr 2026 00:16:46 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 82\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=LGAMvapQ1_fLS8b4u2oTJR7cEWJwO.wBAx6jRCzU2zo-1774829888.264355-1.0.1.1-0ZtVXM4SQoBt4wI666rFjqNItXvl_JQkiEpLeBkCb3Y58vQ1VYflEvHOIpX862gXxh75A.LcvHO4iOuhyHNV1itAdM1BYG4u4Bk.NYog5aBQ5.m2F70s1eSURFG3E.Yp; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:08 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b%2FgxDQhzTvNjn5RtVIVg%2FNhXG5PF8ccLf%2FkvsSuvU%2FFsZCRdEeSo1tQmpvEreZ7byTbrs7nLS%2B56drZHBsemrVpqcWtrvC3FxZrZHRb43IJJSrkq2uLnX4ga0lnMsPgRjACVEjEbJOk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef71a8355687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"07e6802410c00e36a91fd6c2c6098a54","sha1":"a05d8f1775b62763fa1fe66087ef33e1502e7ecd","sha256":"9359cf01f04e5beb9f3da92598952e0c9ea789c4a8c6eb2672f204612f9a6f00","sha512":"6f7247bb2a4f43195818690e972e562fae483bbe34ab1f29dd9c095f9edf158e147682a9c65f8713039e20f1fc5f0294c9eefd4ed9a148246c2eca239b770d72","ssdeep":"768:XANciDPtKdffShNyjiSisPI2+zeTA83AmbcLKsp:SVMdnu2ig5lk83AarU","tlshash":"cf0302d5d08dd8aa2f1e333395d8f8c25be6c4528394558a6fee28071537416efc9437","first_seen":"2026-03-21T23:21:16.87342Z","last_seen":"2026-03-30T02:15:03.266276Z","times_seen":11,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"explorer-api.walletconnect.com/w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1","fqdn":"explorer-api.walletconnect.com","domain":"walletconnect.com","tld":"com"},"ip":{"addr":"104.20.35.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Feb 2026 12:00:46 GMT","end":"Wed, 06 May 2026 13:00:31 GMT"},"fingerprint":{"sha1":"0B:75:F6:C4:1F:5C:D6:FA:A0:CD:3E:89:69:B2:43:70:98:34:EB:71","sha256":"A7:6F:DB:DB:DF:40:40:BC:E0:FA:21:6A:0A:3B:17:05:37:B7:17:6E:6E:BC:B2:89:3D:F4:E2:7C:EB:48:E6:5E"}}},"request":{"raw":"GET /w3m/v1/getWalletImage/77c1d3dd-0213-400a-f9cc-bfd524c47f00?projectId=45f4062f4f6427f9e6eab952d2452b3c\u0026sdkType=w3m\u0026sdkVersion=js-2.7.1 HTTP/1.1\r\nHost: explorer-api.walletconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gallabet1066.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1404\r\ncf-ray: 9e42ef74bb855ebd-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 81\r\ncache-control: public, max-age=31536000, s-maxage=86400\r\netag: \"cfvWH7-l2WGZEJvxD_-cbyo5fufmDcyauXnchu_YTSDQ\"\r\nserver: cloudflare\r\nvary: Accept\r\nx-wc-r2-status: HIT\r\ncf-images: internal=ok/- q=0 n=722+3 c=0+3 v=2024.10.6 l=1404 f=false\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1404,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"434c7550a1a937d1e7e8bb8416691d9b","sha1":"d837654b42d1474560a5698cfac3514209cde2c2","sha256":"5f0f065528ec2543e34a03df1cd588b4c4ce7764d1ff62e67cec0677f638c549","sha512":"eefe6cf29ea82af55070456f2bf2cf1ab3c3328938ea092695f0a25370e6cef7ed1da43633a4548b22b46d7d7a87253ef01b2c01847ea84725cd4acc7be813fb","ssdeep":"","tlshash":"9f21e6a32c3914ddefa65f1485a00d8dff03c1a5983ee3d896e83548e5788da6ca00c2","first_seen":"2024-12-05T15:42:26.602777Z","last_seen":"2026-06-08T13:06:58.369135Z","times_seen":2569,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icons.galabet1063.com/storage/medias/galabet10/content_751_aff4011d6c5525eac140c93daa9b705e.webp","fqdn":"icons.galabet1063.com","domain":"galabet1063.com","tld":"com"},"ip":{"addr":"185.162.229.2","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Armenia","country_code":"AM"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:08.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1063.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:15:23 GMT","end":"Sun, 24 May 2026 11:15:19 GMT"},"fingerprint":{"sha1":"C4:6E:C1:0C:2A:88:F4:C7:0A:FC:21:E6:85:92:C0:68:80:2C:FB:17","sha256":"91:A1:28:71:34:B4:38:04:7E:56:1B:F2:5E:81:57:F5:65:0C:43:12:65:B7:83:86:E2:32:BC:61:62:00:6E:8C"}}},"request":{"raw":"GET /storage/medias/galabet10/content_751_aff4011d6c5525eac140c93daa9b705e.webp HTTP/1.1\r\nHost: icons.galabet1063.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 19502\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Oct 2024 12:45:45 GMT\r\npriority: u=4,i=?0\r\netag: \"66fbeef9-4c2e\"\r\nexpires: Mon, 06 Apr 2026 00:16:47 GMT\r\ncache-control: public, max-age=604800, immutable\r\npragma: cache\r\naccept-ranges: bytes\r\nage: 81\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=bL9LVk3HryEmr44Dm7KfkEY2PFr7UtGnG1XXy0QC2Tg-1774829889.0875278-1.0.1.1-wgpzPiHYsTquSjX3X.V3OGTpnHC8AwlSh7uV4Yu7P1MrbL8c6..PCbONXxHj2NbohraQ7CilXb1qTP1k9XFM033RcmM21J.VazR8wv4OWb_WCKObeDJva8dMpVmPtpYm; HttpOnly; Secure; Path=/; Domain=galabet1063.com; Expires=Mon, 30 Mar 2026 00:48:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h%2Fvj%2BJQIno46DWHgnUmE7cwIO5Ptq4ErQYVmTum5YpuAJdtufIn46L2sQpaszc8ZdH8pdCgri7%2Fo7z0R1L83pWSoLQY1dXu6DraxeYkIg9Zpk3q0icEYgLq4UkHjNHo1wtvPfHglwMw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e42ef76ca455687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":19502,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fb8a2fce829b77a41898f77b8044a7d7","sha1":"ec930f3ad570b2b82de7435f403294373b9e08c8","sha256":"eff975d202b8198412f6fc60d2a9d0debe36d1ea2a413caba2b3ff0fa2146327","sha512":"b4021d2ee5657abe95d0115e5695c124cd500d20ab1d331c64ac4a416de874bf3cf83e9d79c50d133c843df31a1c2dd39a2188256f920ec027bde67a051a05ca","ssdeep":"384:jTMW+QrwvaBEDdPExxNOAZA2MSjnzJAkp+4avBq59InjItQua/ctq:sW+QrwvaBYPE3WNszJt8TBznfB0tq","tlshash":"d492d0f2949f7a4a5b93ef328c38c2011faf335d0b64448461c1f69544b495a4e6f9eb","first_seen":"2025-12-24T22:39:16.161133Z","last_seen":"2026-06-06T23:43:56.133354Z","times_seen":54,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":104,"dns":0,"connect":0,"send":0,"wait":53,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fgallabet1066.com%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__a91tp2l43a","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:09.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=19330347\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fgallabet1066.com%2Ftr%2F\u0026group_id=0\u0026channel_type=code\u0026jsonp=__a91tp2l43a HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gallabet1066.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-security-policy: frame-ancestors https://gallabet1066.com/;\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nx-frame-options: allow-from https://gallabet1066.com/\r\ncontent-length: 390\r\ndate: Mon, 30 Mar 2026 00:18:09 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":390,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (390), with no line terminators","md5":"e48e8c20b26fc6d2c37cb114d795e23a","sha1":"3d13f71d9d8f6addf4c0c0e1c34593d73f1e25b8","sha256":"3f55eaef950218f72fff0d17c33b055f4e4442cc1f77f0a70954b2987ce318a5","sha512":"b6db654f7d9995dd36ec63235c6a103874999550a88aaae8cfe2c40a50daec933e4e0cf118fba4314a5d9f1c2a14177634c801fbbd100c176bec91d76fe893a0","ssdeep":"","tlshash":"ebe0f16361142674d6c8e3bd8400674278700a97410495bcb56e0240131b7ceb314507","first_seen":"2026-03-30T00:19:06.834829Z","last_seen":"2026-03-30T00:19:06.834829Z","times_seen":1,"resource_available":true,"data":null}},"time_used":397,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":397,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/index-BW_ti3FS.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:06.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/index-BW_ti3FS.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:06 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"466b-S8d6sjkGo0aWBM+MuGyP8oVlgY0\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":18027,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17806)","md5":"2dd75fcad69ad5f5c2f546ad21dbd00a","sha1":"4bc77ab23906a3469604cf8cb86c8ff28565818d","sha256":"51469018a1994e685c695564b1b189995059786ac932f9d3babf2fb06cc400df","sha512":"45c33a2ff69129346d028e14bc3e2bfdb757445cf03e60e3048501a6b007a4ee55aab58bb82c45bff5c5c17271afab127e4134abf856dfa8cbfda861f98a7298","ssdeep":"384:hkMci40qXFFnJImIjE3QEuAOY2E0/JqNPR3OUFxmZ1d33PdEkBcxJG:hkMci408FFnJrIjE3D/OY2E0xqpc1NK4","tlshash":"55820ad0e2b4f7a602e85adc80392074f2248c28343dd0f1b6b6edea74664cac56dd37","first_seen":"2026-03-28T16:05:39.578625Z","last_seen":"2026-03-30T02:15:03.22647Z","times_seen":8,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gallabet1066.com/assets/AppSettingsButton-CfXkhn6v.js","fqdn":"gallabet1066.com","domain":"gallabet1066.com","tld":"com"},"ip":{"addr":"185.192.125.135","port":443,"asn":200514,"as":"KnownSRV Ltd.","country":"Croatia","country_code":"HR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gallabet1066.com/","date":"2026-03-30T00:18:07.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gallabet1066.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 09:52:47 GMT","end":"Sat, 27 Jun 2026 09:52:46 GMT"},"fingerprint":{"sha1":"D6:8C:D7:F0:81:DE:BF:B1:12:05:DA:D9:09:D5:02:A7:7D:2C:2D:65","sha256":"73:1F:27:98:51:CA:3E:4A:0E:25:2D:00:F3:68:B0:A0:8C:6B:47:82:0C:11:AE:37:0D:05:44:0D:97:53:4E:C1"}}},"request":{"raw":"GET /assets/AppSettingsButton-CfXkhn6v.js HTTP/1.1\r\nHost: gallabet1066.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gallabet1066.com/tr/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0 (Ubuntu)\r\ndate: Mon, 30 Mar 2026 00:18:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\nx-cache: HIT\r\ncache-control: public, max-age=3600\r\netag: W/\"181-5+a+rG2X9tdjIGO0m8cCOFCdsEw\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (384)","md5":"653a6c78a5c695035a2fa54b981e56ec","sha1":"e7e6beac6d97f6d7632063b49bc70238509db04c","sha256":"236c29c32028da8a9e87ecd43072b572d2ea5aeafa32f4e008589050bc36234e","sha512":"5bffa0e360b9609096c590a377a40479341d6eb039c8910fb5ac184474300aa5611cda1722fcfe3907d47acb3298301fee34846d60710184601296f0d23e7034","ssdeep":"","tlshash":"4ae068cb5092d2fa07911ad2c10b820639566c78c345951180b865b13bb8586828e77b","first_seen":"2026-03-28T16:05:39.457303Z","last_seen":"2026-03-30T02:15:03.318917Z","times_seen":8,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"gallabet1066.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"gallabet1066.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}