{"report_id":"610f10d8-d1b8-4acd-be69-34a5bc75ff5b","version":6,"status":"done","tags":[],"date":"2026-05-08T14:12:43Z","url":{"schema":"http","addr":"m.galabet-resmigirisadresim.vip","fqdn":"m.galabet-resmigirisadresim.vip","domain":"galabet-resmigirisadresim.vip","tld":"vip"},"ip":{"addr":"172.67.183.85","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"m.galabet-resmigirisadresim.vip/","fqdn":"m.galabet-resmigirisadresim.vip","domain":"galabet-resmigirisadresim.vip","tld":"vip"},"title":"Galabet Giriş Güncel - Galabet Güncel Giriş Adresi 2026","dom":{"size":12959,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"e36f36ff68284e7b770a6787260c9dce","sha1":"749f00b9b63679f7ad42002a14bb7b304693771d","sha256":"8b7d301d328b91eda699b364700749b6104ba0d33dbe3d38416c11b8a113de4a","sha512":"4b87a3d8370f66b965832e08e13dc5269bad49b7693e8d6b7e21cb295623b3d601c316b81feb7b291c5732e5b545f58979762fe6eaf980be2b3dfd243745266c","ssdeep":"192:7jkIG3bUdMUee0H5ZcyhtwkmU3GSOkTm/p1dJ/B5ZaFaaBSHbaWLxa2nadmDitrs:8IcrIXB+4","tlshash":"9842756a2be3150f1343e19075966b2e6f244223ee17587cb5ae8c4d8fcdda9c6d320d","dom_hash":"domhash88d3f8a019be83ecd35df36b614f96f6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.galabet-resmigirisadresim.vip","fqdn":"m.galabet-resmigirisadresim.vip","domain":"galabet-resmigirisadresim.vip","tld":"vip"},"ip":{"addr":"172.67.183.85","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-12T14:12:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"m.galabet-resmigirisadresim.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.galabet-resmigirisadresim.vip","ip":{"addr":"104.21.18.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-08T14:12:43.932838Z","last_seen":"2026-05-08T14:12:43.932838Z","alert_count":8,"request_count":2,"received_data":50871,"sent_data":969,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.4.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"m.galabet-resmigirisadresim.vip/","fqdn":"m.galabet-resmigirisadresim.vip","domain":"galabet-resmigirisadresim.vip","tld":"vip"},"ip":{"addr":"104.21.18.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-08T14:12:18.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet-resmigirisadresim.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:01:38 GMT","end":"Fri, 03 Jul 2026 22:01:37 GMT"},"fingerprint":{"sha1":"DC:C4:98:7C:79:17:75:C4:27:7F:3E:56:0C:85:53:88:BC:07:60:C5","sha256":"04:95:55:AB:87:7D:9E:B6:36:CB:CE:67:0F:59:E1:53:45:DC:DB:17:63:4E:F1:B3:FA:F3:06:7F:73:A3:29:CA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.galabet-resmigirisadresim.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 08 May 2026 14:12:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nx-powered-by: PHP/8.4.20, PleskLin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OxSIKPkCXIgCqdoWDmGaVAo%2BakN%2F6o5ROuz4wChIgrZOXPuMCSQVS6Ha9B2BBnaFqIEHn8x4od1oW8THtmyibI8U7phZBFE06uy%2Fx17u6Yy2BCuH0AKUEc7H9wftAisrRc2PUGf249SySLL8EZ7CkW5G\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9f890f02d8f37127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.4.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":13005,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ab02bea68c0d226f2b853800672d1d28","sha1":"dfcd68afc58d91d400e31f80c32518be7e888b6d","sha256":"1bc6a1b3594ddba7c3cf8af51b249ec669bc17e9d8de850708fe4aaf06412d6b","sha512":"4e76fa29e8bae14a4bccf7ddb4635d37c7e3ed6d389898316fea27f920983d826fd1da1649f5b7d31916391d2df588bf514a44f6401cbc35a65c4efb8ab056b5","ssdeep":"192:3jkIG3bUdMUee0H5ZcyhtwkmU3GSOkTm/p1dJ/B5ZaFaaBSHbaWLxa2nadmDitrL:QIcrIXBFW","tlshash":"7642656a2be3150f1343e19075966b2e6f244223ee17587cb5ae8c4d8fccda9c6d320d","first_seen":"2026-05-08T14:12:47.76578Z","last_seen":"2026-05-08T15:42:22.678685Z","times_seen":3,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":51,"dns":29,"connect":1,"send":0,"wait":113,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"m.galabet-resmigirisadresim.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.galabet-resmigirisadresim.vip/favicon.ico","fqdn":"m.galabet-resmigirisadresim.vip","domain":"galabet-resmigirisadresim.vip","tld":"vip"},"ip":{"addr":"104.21.18.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.galabet-resmigirisadresim.vip/","date":"2026-05-08T14:12:19.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet-resmigirisadresim.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:01:38 GMT","end":"Fri, 03 Jul 2026 22:01:37 GMT"},"fingerprint":{"sha1":"DC:C4:98:7C:79:17:75:C4:27:7F:3E:56:0C:85:53:88:BC:07:60:C5","sha256":"04:95:55:AB:87:7D:9E:B6:36:CB:CE:67:0F:59:E1:53:45:DC:DB:17:63:4E:F1:B3:FA:F3:06:7F:73:A3:29:CA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: m.galabet-resmigirisadresim.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.galabet-resmigirisadresim.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 08 May 2026 14:12:19 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\npriority: u=6,i=?0\r\nlast-modified: Sat, 04 Apr 2026 22:56:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69d19709-8e86\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oZihDr3XwvTSMlyrqNAVCDECg%2B60cppbTkXr4QVQYOGucBIGYAgwYvTANoy7l6tx%2F3OfGYGw5MIs0Uu8qZhf9WcEMkF7F8UFES0EG%2B596VkTzH4c1PAhQUOEfUVYP%2FbApSdrnS1GHQa23rBtH2%2B%2F%2B9gP\"}]}\r\ncf-ray: 9f890f04ac560daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":36486,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced, 32 bits/pixel, 32x32 with \n- PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced, 32 bits/pixel","md5":"6d13bead749c4e8cf1e4960ad5f8e9b6","sha1":"93f914987b5b47389616876cafe8bf08c7a09ab3","sha256":"311fa2aeff2a99bdfdfd4bd97bb19e7723a9ddaf14c6ed9e862739558bf968db","sha512":"f45e4ac8d4359ba90c6a65a4e8a94ff3c0f70390dd6037c9d01646faa484a9b5e94e5f0ed2f0994cad0552a01465dbf987fb7134fe31d52efdd1bda9c2abedc8","ssdeep":"768:3ybtAizQSItGUA2FfGEf45dF30KZQBVwD6/k1dJwEea+gi:GtAoYt9AofGnzFuwDV1dJyL","tlshash":"aef2f17aa6fd2f32ef1926623479ba70f3f3d1c106a781efa0194557c330ac192d9186","first_seen":"2026-05-08T14:12:47.768895Z","last_seen":"2026-05-08T15:42:22.680712Z","times_seen":3,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":118,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"m.galabet-resmigirisadresim.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"m.galabet-resmigirisadresim.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}